Guide to the Secure Configuration of Red Hat Enterprise Linux 9

with profile Australian Cyber Security Centre (ACSC) Essential Eight
This profile contains configuration checks for Red Hat Enterprise Linux 9 that align to the Australian Cyber Security Centre (ACSC) Essential Eight. A copy of the Essential Eight in Linux Environments guide can be found at the ACSC website: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
This guide presents a catalog of security-relevant configuration settings for Red Hat Enterprise Linux 9. It is a rendering of content structured in the eXtensible Configuration Checklist Description Format (XCCDF) in order to support security automation. The SCAP content is is available in the scap-security-guide package which is developed at https://www.open-scap.org/security-policies/scap-security-guide.

Providing system administrators with such guidance informs them how to securely configure systems under their control in a variety of network roles. Policy makers and baseline creators can use this catalog of settings, with its associated references to higher-level security control catalogs, in order to assist them in security baseline creation. This guide is a catalog, not a checklist, and satisfaction of every item is not likely to be possible or sensible in many operational scenarios. However, the XCCDF format enables granular selection and adjustment of settings, and their association with OVAL and OCIL content provides an automated checking capability. Transformations of this document, and its associated automated checking content, are capable of providing baselines that meet a diverse set of policy objectives. Some example XCCDF Profiles, which are selections of items that form checklists and can be used as baselines, are available with this guide. They can be processed, in an automated fashion, with tools that support the Security Content Automation Protocol (SCAP). The DISA STIG, which provides required settings for US Department of Defense systems, is one example of a baseline created from this guidance.
Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. The creators of this guidance assume no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic.

Evaluation Characteristics

Evaluation targetrhel-db2.local
Benchmark URL#scap_org.open-scap_comp_ssg-rhel9-xccdf.xml
Benchmark IDxccdf_org.ssgproject.content_benchmark_RHEL-9
Benchmark version0.1.69
Profile IDxccdf_org.ssgproject.content_profile_e8
Started at2024-02-25T14:38:47+08:00
Finished at2024-02-25T14:40:07+08:00
Performed byrippa
Test systemcpe:/a:redhat:openscap:1.3.8

CPE Platforms

  • cpe:/o:redhat:enterprise_linux:9

Addresses

  • IPv4  127.0.0.1
  • IPv4  192.168.64.15
  • IPv6  0:0:0:0:0:0:0:1
  • IPv6  fdca:3854:a1d9:a705:3406:56ff:fe15:b45a
  • IPv6  fe80:0:0:0:3406:56ff:fe15:b45a
  • MAC  00:00:00:00:00:00
  • MAC  36:06:56:15:B4:5A

Compliance and Scoring

The target system did not satisfy the conditions of 62 rules! Please review rule results and consider applying remediation.

Rule results

587 passed
62 failed
0 other

Severity of failed rules

0 other
3 low
55 medium
4 high

Score

Scoring systemScoreMaximumPercent
urn:xccdf:scoring:default59.074074100.000000
59.07%

Rule Overview

Group rules by:
TitleSeverityResult
Guide to the Secure Configuration of Red Hat Enterprise Linux 9 51x fail
System Settings 39x fail
Installing and Maintaining Software 4x fail
System and Software Integrity 1x fail
Software Integrity Checking
Verify Integrity with RPM
Verify File Hashes with RPMhigh
pass
Verify and Correct Ownership with RPMhigh
pass
Verify and Correct File Permissions with RPMhigh
pass
System Cryptographic Policies 1x fail
Configure System Cryptography Policyhigh
fail
Configure SSH to use System Crypto Policymedium
pass
Sudo
Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticatemedium
pass
Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWDmedium
pass
Ensure Users Re-Authenticate for Privilege Escalation - sudomedium
pass
System Tooling / Utilities
Install rear Packagemedium
notapplicable
Updating Software 3x fail
Configure dnf-automatic to Install Only Security Updateslow
fail
Ensure gpgcheck Enabled In Main dnf Configurationhigh
pass
Ensure gpgcheck Enabled for Local Packageshigh
fail
Ensure gpgcheck Enabled for All dnf Package Repositorieshigh
pass
Ensure Red Hat GPG Key Installedhigh
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240952) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240951) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240950) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240848) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240811) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240807) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240805) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240790) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240675) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240670) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240603) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240602) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240557) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240533) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240477) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240474) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240468) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240466) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240465) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240464) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240463) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240387) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240340) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240310) medium
fail
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240267) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240266) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240265) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240249) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240156) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240152) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240151) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240141) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240108) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240071) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240025) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240010) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20240001) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237879) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237791) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237785) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237784) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237766) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237765) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237764) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237763) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237762) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237754) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237753) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237747) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237734) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237715) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237712) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237711) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237507) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237501) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237465) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237277) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237257) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237255) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20237253) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236748) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236746) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236745) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236744) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236738) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236732) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236712) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236707) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236705) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236699) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236698) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236694) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236685) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236679) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236667) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236661) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236659) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236643) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236635) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236632) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236631) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236621) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236615) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236596) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236595) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236593) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236587) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236578) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236575) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236570) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236569) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236566) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236551) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236549) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236544) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236542) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236539) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236535) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236524) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236523) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236518) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236508) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236497) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236496) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236494) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236492) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236482) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236474) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236473) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236469) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236434) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236431) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236429) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236420) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236409) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236403) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236402) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236385) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236380) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236372) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236371) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236369) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236368) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236365) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236363) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236346) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236343) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236341) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236340) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236330) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236324) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236316) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236282) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236266) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236265) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236246) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236242) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236191) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236188) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236167) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236120) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20236077) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235929) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235926) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235924) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235867) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235849) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235838) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235765) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235763) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235753) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235749) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235744) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235738) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235733) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235711) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235708) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235689) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235684) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235539) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235532) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235462) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235459) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235456) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235453) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235435) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235434) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235363) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235313) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235224) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235214) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235200) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235194) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235146) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235143) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235094) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235093) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235091) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235081) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235080) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235071) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235069) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235068) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235061) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20235048) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234958) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234955) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234838) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234708) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234644) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234642) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234634) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234571) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234569) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234499) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234462) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234412) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234411) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234380) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234378) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234377) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234354) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234350) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234349) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234347) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234331) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234330) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234327) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234325) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234201) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234178) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234177) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234158) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234099) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234071) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234064) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234060) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234057) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20234030) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233948) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233923) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233725) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233723) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233722) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233715) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233714) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233711) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233708) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233705) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233661) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233595) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233592) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233589) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233587) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233586) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233585) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233581) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233577) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233559) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233432) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233423) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233318) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233245) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233150) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233148) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233147) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20233143) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232655) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232654) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232653) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232652) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232650) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232645) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232633) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232626) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232621) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232592) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232589) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232582) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232570) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232532) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232523) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232519) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232502) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232487) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232478) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232459) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232458) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232453) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232444) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232417) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232378) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232373) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232370) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232367) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232366) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232357) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232340) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232326) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232319) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232312) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232293) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232283) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232282) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232261) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232260) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232259) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232258) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232257) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232256) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232253) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232249) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232248) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232236) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232234) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232222) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232216) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232204) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232202) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232193) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232179) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232177) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232167) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232166) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232165) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232162) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232161) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232148) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232127) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232120) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232078) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20232074) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231918) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231909) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231880) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231879) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231809) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231786) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231703) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231701) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231696) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231693) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231691) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231681) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231670) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231592) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231591) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231471) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231470) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231469) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231407) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231368) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231337) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231141) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231068) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231067) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20231008) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230979) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230974) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230970) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230965) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230959) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230958) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230957) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230954) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230953) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230952) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230951) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230946) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230903) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230824) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230810) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230752) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230626) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230622) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230611) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230608) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230476) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230383) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230348) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230343) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230340) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230339) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230338) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230337) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230336) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230335) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230334) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230333) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230328) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230321) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230318) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230304) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230303) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230302) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230300) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230285) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230282) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230210) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230202) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230194) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230077) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230021) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20230005) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20229080) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20229065) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228832) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228643) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228637) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228580) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228561) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228493) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228453) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228444) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228434) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228431) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228420) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228418) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228415) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228400) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228393) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228385) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228384) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228361) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228353) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228340) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228318) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228317) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228299) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228291) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228267) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228263) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228252) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228250) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228226) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228222) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228221) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228219) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228208) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228207) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228197) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228194) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228162) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228151) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228139) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228126) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228112) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228100) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228098) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228096) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228090) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228078) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228070) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228068) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228067) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228062) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228057) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228054) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228022) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228011) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228008) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20228003) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227979) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227978) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227970) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227968) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227967) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227959) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227958) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227955) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227954) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227950) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227935) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227933) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227330) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227329) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227326) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227323) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227319) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227318) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227314) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227288) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227185) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227178) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227090) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227071) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227026) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227020) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227013) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20227007) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226999) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226963) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226913) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226854) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226839) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226838) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226763) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226717) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226700) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226634) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226610) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226608) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226602) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226595) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226592) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226590) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226585) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226582) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226580) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226521) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226358) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226313) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226224) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226181) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226174) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226165) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226157) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226043) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226003) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20226002) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225948) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225942) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225904) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225799) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225778) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225767) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225736) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225716) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225709) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225695) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225527) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225482) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225481) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225267) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225263) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225257) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225252) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225251) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225250) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225249) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225245) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225244) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225242) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225214) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225099) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20225050) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224990) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224940) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224899) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224892) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224873) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224795) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224772) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224771) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224765) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224592) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224591) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224590) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224589) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224588) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224587) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224584) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20224582) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20222137) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221729) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhsa:def:20221728) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhea:def:20237252) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhea:def:20236562) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhea:def:20236529) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhba:def:20232451) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhba:def:20232181) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhba:def:20228256) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhba:def:20228077) medium
pass
Ensure Software Patches Installed (oval:com.redhat.rhba:def:20225749) medium
pass
Account and Access Control 2x fail
Protect Accounts by Restricting Password-Based Login 1x fail
Verify Proper Storage and Existence of Password Hashes 1x fail
Prevent Login to Accounts With Empty Passwordhigh
fail
Restrict Root Logins
Verify Only Root Has UID 0high
pass
Enable authselectmedium
fail
System Accounting with auditd 22x fail
Configure auditd Rules for Comprehensive Auditing 21x fail
Record Events that Modify the System's Discretionary Access Controls 2x fail
Record Events that Modify the System's Discretionary Access Controls - chmodmedium
fail
Record Events that Modify the System's Discretionary Access Controls - chownmedium
fail
Record Execution Attempts to Run SELinux Privileged Commands 6x fail
Record Any Attempts to Run chconmedium
fail
Record Any Attempts to Run restoreconmedium
fail
Record Any Attempts to Run semanagemedium
fail
Record Any Attempts to Run setfilesmedium
fail
Record Any Attempts to Run setseboolmedium
fail
Record Any Attempts to Run seunsharemedium
fail
Record Information on Kernel Modules Loading and Unloading 1x fail
Ensure auditd Collects Information on Kernel Module Loading and Unloadingmedium
fail
Record Attempts to Alter Logon and Logout Eventsmedium
fail
Record Attempts to Alter Logon and Logout Events - faillockmedium
fail
Record Attempts to Alter Logon and Logout Events - lastlogmedium
fail
Record Attempts to Alter Logon and Logout Events - tallylogmedium
fail
Records Events that Modify Date and Time Information 5x fail
Record attempts to alter time through adjtimexmedium
fail
Record Attempts to Alter Time Through clock_settimemedium
fail
Record attempts to alter time through settimeofdaymedium
fail
Record Attempts to Alter Time Through stimemedium
fail
Record Attempts to Alter the localtime Filemedium
fail
Record Events that Modify the System's Network Environmentmedium
fail
Ensure auditd Collects System Administrator Actionsmedium
fail
Record Events that Modify User/Group Informationmedium
fail
Configure auditd Data Retention 1x fail
Configure auditd flush prioritymedium
pass
Set number of records to cause an explicit flush to audit logsmedium
pass
Include Local Events in Audit Logsmedium
pass
Resolve information before writing to audit logslow
pass
Set type of computer node name logging in audit logsmedium
fail
Write Audit Logs to the Diskmedium
pass
Configure Syslog
Ensure rsyslog is Installedmedium
pass
Enable rsyslog Servicemedium
pass
Network Configuration and Firewalls
firewalld
Inspect and Activate Default firewalld Rules
Install firewalld Packagemedium
pass
Verify firewalld Enabledmedium
pass
Ensure System is Not Acting as a Network Sniffermedium
pass
File Permissions and Masks 11x fail
Verify Permissions on Important Files and Directories 2x fail
Verify File Permissions Within Some Important Directories
Verify that System Executables Have Root Ownershipmedium
pass
Verify that Shared Library Files Have Root Ownershipmedium
pass
Verify that System Executables Have Restrictive Permissionsmedium
pass
Verify that Shared Library Files Have Restrictive Permissionsmedium
pass
Verify that All World-Writable Directories Have Sticky Bits Setmedium
pass
Ensure All SGID Executables Are Authorizedmedium
fail
Ensure All SUID Executables Are Authorizedmedium
fail
Ensure No World-Writable Files Existmedium
pass
Restrict Partition Mount Options 3x fail
Add nodev Option to /dev/shmmedium
fail
Add noexec Option to /dev/shmmedium
fail
Add nosuid Option to /dev/shmmedium
fail
Restrict Programs from Dangerous Execution Patterns 6x fail
Enable ExecShield 1x fail
Enable ExecShield via sysctlmedium
pass
Restrict Exposed Kernel Pointer Addresses Accessmedium
pass
Enable Randomized Layout of Virtual Address Spacemedium
fail
Restrict Access to Kernel Message Bufferlow
fail
Disable Kernel Image Loadingmedium
fail
Disable Access to Network bpf() Syscall From Unprivileged Processesmedium
fail
Restrict usage of ptrace to descendant processesmedium
fail
Harden the operation of the BPF just-in-time compilermedium
fail
SELinux
Configure SELinux Policymedium
pass
Ensure SELinux State is Enforcinghigh
pass
Services 12x fail
Avahi Server 1x fail
Disable Avahi Server if Possible 1x fail
Disable Avahi Server Softwaremedium
fail
Application Whitelisting Daemon 2x fail
Install fapolicyd Packagemedium
fail
Enable the File Access Policy Servicemedium
fail
Obsolete Services
Xinetd
Uninstall xinetd Packagelow
pass
Disable xinetd Servicemedium
pass
NIS
Remove NIS Clientunknown
pass
Rlogin, Rsh, and Rexec
Uninstall rsh-server Packagehigh
pass
Uninstall rsh Packageunknown
pass
Chat/Messaging Services
Uninstall talk-server Packagemedium
pass
Uninstall talk Packagemedium
pass
Telnet
Uninstall telnet-server Packagehigh
pass
Remove telnet Clientslow
pass
Disable telnet Servicehigh
pass
Proxy Server
Disable Squid if Possible
Uninstall squid Packageunknown
pass
Disable Squidunknown
pass
Network Routing
Disable Quagga if Possible
Uninstall quagga Packagelow
pass
SSH Server 9x fail
Configure OpenSSH Server if Necessary 9x fail
Disable SSH Access via Empty Passwordshigh
fail
Disable GSSAPI Authenticationmedium
fail
Disable SSH Support for .rhosts Filesmedium
fail
Disable SSH Root Loginmedium
fail
Disable SSH Support for User Known Hostsmedium
fail
Do Not Allow SSH Environment Optionsmedium
fail
Enable Use of Strict Mode Checkingmedium
fail
Enable SSH Print Last Logmedium
fail
Set LogLevel to INFOlow
fail
Distribute the SSH Server configuration to multiple files in a config directory.medium
pass

Result Details

Verify File Hashes with RPMxccdf_org.ssgproject.content_rule_rpm_verify_hashes highCCE-90841-8

Verify File Hashes with RPM

Rule IDxccdf_org.ssgproject.content_rule_rpm_verify_hashes
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-rpm_verify_hashes:def:1
Time2024-02-25T14:39:17+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-90841-8

References:  11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.3.8, 3.4.1, CCI-000366, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CM-6(d), CM-6(c), SI-7, SI-7(1), SI-7(6), AU-9(3), PR.DS-6, PR.DS-8, PR.IP-1, Req-11.5, 11.5.2, SRG-OS-000480-GPOS-00227, RHEL-09-214030, SV-257823r925456_rule

Description
Without cryptographic integrity protections, system executables and files can be altered by unauthorized users without detection. The RPM package management system can check the hashes of installed software packages, including many that are important to system security. To verify that the cryptographic hash of system files and commands matches vendor values, run the following command to list which files on the system have hashes that differ from what is expected by the RPM database:
$ rpm -Va --noconfig | grep '^..5'
A "c" in the second column indicates that a file is a configuration file, which may appropriately be expected to change. If the file was not expected to change, investigate the cause of the change using audit logs or other means. The package can then be reinstalled to restore the file. Run the following command to determine which package owns the file:
$ rpm -qf FILENAME
The package can be reinstalled from a dnf repository using the command:
$ sudo dnf reinstall PACKAGENAME
Alternatively, the package can be reinstalled from trusted media using the command:
$ sudo rpm -Uvh PACKAGENAME
Rationale
The hashes of important files like system executables should match the information given by the RPM database. Executables with erroneous hashes could be a sign of nefarious activity on the system.
OVAL test results details

verify file md5 hashes  oval:ssg-test_files_fail_md5_hash:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_files_fail_md5_hash:obj:1 of type rpmverifyfile_object
BehaviorsNameEpochVersionReleaseArchFilepathFilter
no value.*.*.*.*.*^/(bin|sbin|lib|lib64|usr)/.+$oval:ssg-state_files_fail_md5_hash:ste:1
Verify and Correct Ownership with RPMxccdf_org.ssgproject.content_rule_rpm_verify_ownership highCCE-90842-6

Verify and Correct Ownership with RPM

Rule IDxccdf_org.ssgproject.content_rule_rpm_verify_ownership
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-rpm_verify_ownership:def:1
Time2024-02-25T14:39:30+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-90842-6

References:  1, 11, 12, 13, 14, 15, 16, 18, 3, 5, 6, 9, 5.10.4.1, APO01.06, APO11.04, BAI03.05, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.04, DSS05.07, DSS06.02, MEA02.01, 3.3.8, 3.4.1, CCI-001494, CCI-001496, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.7.3, 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.1, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 5.2, SR 7.6, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.12.1.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.5.1, A.12.6.2, A.12.7.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R4.2, CIP-003-8 R6, CIP-007-3 R4, CIP-007-3 R4.1, CIP-007-3 R4.2, CM-6(d), CM-6(c), SI-7, SI-7(1), SI-7(6), AU-9(3), PR.AC-4, PR.DS-5, PR.IP-1, PR.PT-1, Req-11.5, 11.5.2, SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000278-GPOS-00108, 6.1.15

Description
The RPM package management system can check file ownership permissions of installed software packages, including many that are important to system security. After locating a file with incorrect permissions, which can be found with
rpm -Va | awk '{ if (substr($0,6,1)=="U" || substr($0,7,1)=="G") print $NF }'
run the following command to determine which package owns it:
$ rpm -qf FILENAME
Next, run the following command to reset its permissions to the correct values:
$ sudo rpm --setugids PACKAGENAME
Rationale
Ownership of binaries and configuration files that is incorrect could allow an unauthorized user to gain privileges that they should not have. The ownership set by the vendor should be maintained. Any deviations from this baseline should be investigated.
Warnings
warning  Profiles may require that specific files be owned by root while the default owner defined by the vendor is different. Such files will be reported as a finding and need to be evaluated according to your policy and deployment environment.
OVAL test results details

user ownership of all files matches local rpm database  oval:ssg-test_verify_all_rpms_user_ownership:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_files_fail_user_ownership:obj:1 of type rpmverifyfile_object
BehaviorsNameEpochVersionReleaseArchFilepathFilter
no value.*.*.*.*.*.*oval:ssg-state_files_fail_user_ownership:ste:1

group ownership of all files matches local rpm database  oval:ssg-test_verify_all_rpms_group_ownership:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_files_fail_group_ownership:obj:1 of type rpmverifyfile_object
BehaviorsNameEpochVersionReleaseArchFilepathFilter
no value.*.*.*.*.*.*oval:ssg-state_files_fail_group_ownership:ste:1
Verify and Correct File Permissions with RPMxccdf_org.ssgproject.content_rule_rpm_verify_permissions highCCE-90840-0

Verify and Correct File Permissions with RPM

Rule IDxccdf_org.ssgproject.content_rule_rpm_verify_permissions
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-rpm_verify_permissions:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-90840-0

References:  1, 11, 12, 13, 14, 15, 16, 18, 3, 5, 6, 9, 5.10.4.1, APO01.06, APO11.04, BAI03.05, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.04, DSS05.07, DSS06.02, MEA02.01, 3.3.8, 3.4.1, CCI-001493, CCI-001494, CCI-001495, CCI-001496, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.3.3.9, 4.3.3.5.8, 4.3.3.7.3, 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.1, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 5.2, SR 7.6, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.12.1.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.5.1, A.12.6.2, A.12.7.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R4.2, CIP-003-8 R6, CIP-007-3 R4, CIP-007-3 R4.1, CIP-007-3 R4.2, CM-6(d), CM-6(c), SI-7, SI-7(1), SI-7(6), AU-9(3), CM-6(a), PR.AC-4, PR.DS-5, PR.IP-1, PR.PT-1, Req-11.5, 11.5.2, SRG-OS-000256-GPOS-00097, SRG-OS-000257-GPOS-00098, SRG-OS-000258-GPOS-00099, SRG-OS-000278-GPOS-00108, 6.1.15

Description
The RPM package management system can check file access permissions of installed software packages, including many that are important to system security. Verify that the file permissions of system files and commands match vendor values. Check the file permissions with the following command:
$ sudo rpm -Va | awk '{ if (substr($0,2,1)=="M") print $NF }'
Output indicates files that do not match vendor defaults. After locating a file with incorrect permissions, run the following command to determine which package owns it:
$ rpm -qf FILENAME

Next, run the following command to reset its permissions to the correct values:
$ sudo rpm --setperms PACKAGENAME
Rationale
Permissions on system binaries and configuration files that are too generous could allow an unauthorized user to gain privileges that they should not have. The permissions set by the vendor should be maintained. Any deviations from this baseline should be investigated.
Warnings
warning  Profiles may require that specific files have stricter file permissions than defined by the vendor. Such files will be reported as a finding and need to be evaluated according to your policy and deployment environment.
OVAL test results details

mode of all files matches local rpm database  oval:ssg-test_verify_all_rpms_mode:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_files_fail_mode:obj:1 of type rpmverifyfile_object
BehaviorsNameEpochVersionReleaseArchFilepathFilter
no value.*.*.*.*.*.*oval:ssg-state_files_fail_mode:ste:1
Configure System Cryptography Policyxccdf_org.ssgproject.content_rule_configure_crypto_policy highCCE-83450-7

Configure System Cryptography Policy

Rule IDxccdf_org.ssgproject.content_rule_configure_crypto_policy
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-configure_crypto_policy:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-83450-7

References:  A.5.SEC-RHEL4, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.312(e)(1), 164.312(e)(2)(ii), 1446, CIP-003-8 R4.2, CIP-007-3 R5.1, CIP-007-3 R7.1, AC-17(a), AC-17(2), CM-6(a), MA-4(6), SC-13, SC-12(2), SC-12(3), FCS_COP.1(1), FCS_COP.1(2), FCS_COP.1(3), FCS_COP.1(4), FCS_CKM.1, FCS_CKM.2, FCS_TLSC_EXT.1, SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, RHEL-09-671010, RHEL-09-672030, RHEL-09-672045, 1.10, SV-258230r926677_rule, SV-258238r926701_rule, SV-258241r926710_rule

Description
To configure the system cryptography policy to use ciphers only from the DEFAULT:NO-SHA1 policy, run the following command:
$ sudo update-crypto-policies --set DEFAULT:NO-SHA1
The rule checks if settings for selected crypto policy are configured as expected. Configuration files in the /etc/crypto-policies/back-ends are either symlinks to correct files provided by Crypto-policies package or they are regular files in case crypto policy customizations are applied. Crypto policies may be customized by crypto policy modules, in which case it is delimited from the base policy using a colon.
Rationale
Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.
Warnings
warning  The system needs to be rebooted for these changes to take effect.
warning  System Crypto Modules must be provided by a vendor that undergoes FIPS-140 certifications. FIPS-140 is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract. See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf To meet this, the system has to have cryptographic software provided by a vendor that has undergone this certification. This means providing documentation, test results, design information, and independent third party review by an accredited lab. While open source software is capable of meeting this, it does not meet FIPS-140 unless the vendor submits to this process.


    var_system_crypto_policy='DEFAULT:NO-SHA1'
    
    
    stderr_of_call=$(update-crypto-policies --set ${var_system_crypto_policy} 2>&1 > /dev/null)
    rc=$?
    
    if test "$rc" = 127; then
        echo "$stderr_of_call" >&2
        echo "Make sure that the script is installed on the remediated system." >&2
        echo "See output of the 'dnf provides update-crypto-policies' command" >&2
        echo "to see what package to (re)install" >&2
    
        false  # end with an error code
    elif test "$rc" != 0; then
        echo "Error invoking the update-crypto-policies script: $stderr_of_call" >&2
        false  # end with an error code
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: XCCDF Value var_system_crypto_policy # promote to variable
      set_fact:
        var_system_crypto_policy: !!str DEFAULT:NO-SHA1
      tags:
        - always
    
    - name: Configure System Cryptography Policy
      lineinfile:
        path: /etc/crypto-policies/config
        regexp: ^(?!#)(\S+)$
        line: '{{ var_system_crypto_policy }}'
        create: true
      tags:
      - CCE-83450-7
      - DISA-STIG-RHEL-09-671010
      - DISA-STIG-RHEL-09-672030
      - DISA-STIG-RHEL-09-672045
      - NIST-800-53-AC-17(2)
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-MA-4(6)
      - NIST-800-53-SC-12(2)
      - NIST-800-53-SC-12(3)
      - NIST-800-53-SC-13
      - configure_crypto_policy
      - high_severity
      - low_complexity
      - low_disruption
      - no_reboot_needed
      - restrict_strategy
    
    - name: Verify that Crypto Policy is Set (runtime)
      command: /usr/bin/update-crypto-policies --set {{ var_system_crypto_policy }}
      tags:
      - CCE-83450-7
      - DISA-STIG-RHEL-09-671010
      - DISA-STIG-RHEL-09-672030
      - DISA-STIG-RHEL-09-672045
      - NIST-800-53-AC-17(2)
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-MA-4(6)
      - NIST-800-53-SC-12(2)
      - NIST-800-53-SC-12(3)
      - NIST-800-53-SC-13
      - configure_crypto_policy
      - high_severity
      - low_complexity
      - low_disruption
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        systemd:
          units:
            - name: configure-crypto-policy.service
              enabled: true
              contents: |
                [Unit]
                Before=kubelet.service
                [Service]
                Type=oneshot
                ExecStart=update-crypto-policies --set {{.var_system_crypto_policy}}
                RemainAfterExit=yes
                [Install]
                WantedBy=multi-user.target
    
OVAL test results details

check for crypto policy correctly configured in /etc/crypto-policies/config  oval:ssg-test_configure_crypto_policy:tst:1  false

Following items have been found on the system:
PathContent
/etc/crypto-policies/configDEFAULT

check for crypto policy correctly configured in /etc/crypto-policies/state/current  oval:ssg-test_configure_crypto_policy_current:tst:1  false

Following items have been found on the system:
PathContent
/etc/crypto-policies/state/currentDEFAULT

Check if update-crypto-policies has been run  oval:ssg-test_crypto_policies_updated:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-variable_crypto_policies_config_file_timestamp:var:11705024154

Check if /etc/crypto-policies/back-ends/nss.config exists  oval:ssg-test_crypto_policy_nss_config:tst:1  true

Following items have been found on the system:
PathTypeUIDGIDSize (B)Permissions
/etc/crypto-policies/back-ends/nss.configregular00447rw-r--r-- 
Configure SSH to use System Crypto Policyxccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy mediumCCE-83445-7

Configure SSH to use System Crypto Policy

Rule IDxccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-configure_ssh_crypto_policy:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83445-7

References:  A.5.SEC-RHEL6, A.11.SEC-RHEL6, CCI-001453, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.312(e)(1), 164.312(e)(2)(ii), CIP-003-8 R4.2, CIP-007-3 R5.1, CIP-007-3 R7.1, AC-17(a), AC-17(2), CM-6(a), MA-4(6), SC-13, FCS_SSH_EXT.1, FCS_SSHS_EXT.1, FCS_SSHC_EXT.1, Req-2.2, 2.2, SRG-OS-000250-GPOS-00093, RHEL-09-255055, 5.2.14, SV-257987r925948_rule

Description
Crypto Policies provide a centralized control over crypto algorithms usage of many packages. SSH is supported by crypto policy, but the SSH configuration may be set up to ignore it. To check that Crypto Policies settings are configured correctly, ensure that the CRYPTO_POLICY variable is either commented or not set at all in the /etc/sysconfig/sshd.
Rationale
Overriding the system crypto policy makes the behavior of the SSH service violate expectations, and makes system configuration more fragmented.
OVAL test results details

Check that the SSH configuration mandates usage of system-wide crypto policies.  oval:ssg-test_configure_ssh_crypto_policy:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_configure_ssh_crypto_policy:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/sysconfig/sshd^\s*(?i)CRYPTO_POLICY\s*=.*$1
Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticatexccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate mediumCCE-83544-7

Ensure Users Re-Authenticate for Privilege Escalation - sudo !authenticate

Rule IDxccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-sudo_remove_no_authenticate:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83544-7

References:  BP28(R5), BP28(R59), 1, 12, 15, 16, 5, DSS05.04, DSS05.10, DSS06.03, DSS06.10, CCI-002038, 4.3.3.5.1, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.2, A.9.4.3, IA-11, CM-6(a), PR.AC-1, PR.AC-7, SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158, RHEL-09-432025, SV-258086r926245_rule

Description
The sudo !authenticate option, when specified, allows a user to execute commands using sudo without having to authenticate. This should be disabled by making sure that the !authenticate option does not exist in /etc/sudoers configuration file or any sudo configuration snippets in /etc/sudoers.d/.
Rationale
Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

When operating systems provide the capability to escalate a functional capability, it is critical that the user re-authenticate.
OVAL test results details

!authenticate does not exist in /etc/sudoers  oval:ssg-test_no_authenticate_etc_sudoers:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_no_authenticate_etc_sudoers:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/sudoers^(?!#).*[\s]+\!authenticate.*$1

!authenticate does not exist in /etc/sudoers.d  oval:ssg-test_no_authenticate_etc_sudoers_d:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_no_authenticate_etc_sudoers_d:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/sudoers.d^.*$^(?!#).*[\s]+\!authenticate.*$1
Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWDxccdf_org.ssgproject.content_rule_sudo_remove_nopasswd mediumCCE-83536-3

Ensure Users Re-Authenticate for Privilege Escalation - sudo NOPASSWD

Rule IDxccdf_org.ssgproject.content_rule_sudo_remove_nopasswd
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-sudo_remove_nopasswd:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83536-3

References:  BP28(R5), BP28(R59), 1, 12, 15, 16, 5, DSS05.04, DSS05.10, DSS06.03, DSS06.10, CCI-002038, 4.3.3.5.1, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.2, A.9.4.3, IA-11, CM-6(a), PR.AC-1, PR.AC-7, SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158, RHEL-09-611085, SV-258106r926305_rule

Description
The sudo NOPASSWD tag, when specified, allows a user to execute commands using sudo without having to authenticate. This should be disabled by making sure that the NOPASSWD tag does not exist in /etc/sudoers configuration file or any sudo configuration snippets in /etc/sudoers.d/.
Rationale
Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

When operating systems provide the capability to escalate a functional capability, it is critical that the user re-authenticate.
OVAL test results details

NOPASSWD does not exist /etc/sudoers  oval:ssg-test_nopasswd_etc_sudoers:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_nopasswd_etc_sudoers:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/sudoers^(?!#).*[\s]+NOPASSWD[\s]*\:.*$1

NOPASSWD does not exist in /etc/sudoers.d  oval:ssg-test_nopasswd_etc_sudoers_d:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_nopasswd_etc_sudoers_d:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/sudoers.d^.*$^(?!#).*[\s]+NOPASSWD[\s]*\:.*$1
Ensure Users Re-Authenticate for Privilege Escalation - sudoxccdf_org.ssgproject.content_rule_sudo_require_authentication mediumCCE-83543-9

Ensure Users Re-Authenticate for Privilege Escalation - sudo

Rule IDxccdf_org.ssgproject.content_rule_sudo_require_authentication
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-sudo_require_authentication:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83543-9

References:  A.5.SEC-RHEL2, 1, 12, 15, 16, 5, DSS05.04, DSS05.10, DSS06.03, DSS06.10, CCI-002038, 4.3.3.5.1, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.2, A.9.4.3, IA-11, CM-6(a), PR.AC-1, PR.AC-7, SRG-OS-000373-GPOS-00156, 5.3.4

Description
The sudo NOPASSWD and !authenticate option, when specified, allows a user to execute commands using sudo without having to authenticate. This should be disabled by making sure that NOPASSWD and/or !authenticate do not exist in /etc/sudoers configuration file or any sudo configuration snippets in /etc/sudoers.d/."
Rationale
Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

When operating systems provide the capability to escalate a functional capability, it is critical that the user re-authenticate.
OVAL test results details

!authenticate does not exist in /etc/sudoers  oval:ssg-test_no_authenticate_etc_sudoers:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_no_authenticate_etc_sudoers:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/sudoers^(?!#).*[\s]+\!authenticate.*$1

!authenticate does not exist in /etc/sudoers.d  oval:ssg-test_no_authenticate_etc_sudoers_d:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_no_authenticate_etc_sudoers_d:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/sudoers.d^.*$^(?!#).*[\s]+\!authenticate.*$1

NOPASSWD does not exist /etc/sudoers  oval:ssg-test_nopasswd_etc_sudoers:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_nopasswd_etc_sudoers:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/sudoers^(?!#).*[\s]+NOPASSWD[\s]*\:.*$1

NOPASSWD does not exist in /etc/sudoers.d  oval:ssg-test_nopasswd_etc_sudoers_d:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_nopasswd_etc_sudoers_d:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/sudoers.d^.*$^(?!#).*[\s]+NOPASSWD[\s]*\:.*$1
Install rear Packagexccdf_org.ssgproject.content_rule_package_rear_installed mediumCCE-83503-3

Install rear Package

Rule IDxccdf_org.ssgproject.content_rule_package_rear_installed
Result
notapplicable
Multi-check ruleno
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83503-3

Description
The rear package can be installed with the following command:
    $ sudo dnf install rear
Rationale
rear contains the Relax-and-Recover (ReaR) utility. ReaR produces a bootable image of a system and restores from backup using this image.
Configure dnf-automatic to Install Only Security Updatesxccdf_org.ssgproject.content_rule_dnf-automatic_security_updates_only lowCCE-83461-4

Configure dnf-automatic to Install Only Security Updates

Rule IDxccdf_org.ssgproject.content_rule_dnf-automatic_security_updates_only
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-dnf-automatic_security_updates_only:def:1
Time2024-02-25T14:39:36+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-83461-4

References:  BP28(R8), SI-2(5), CM-6(a), SI-2(c), FMT_SMF_EXT.1, SRG-OS-000191-GPOS-00080

Description
To configure dnf-automatic to install only security updates automatically, set upgrade_type to security under [commands] section in /etc/dnf/automatic.conf.
Rationale
By default, dnf-automatic installs all available updates. Reducing the amount of updated packages only to updates that were issued as a part of a security advisory increases the system stability.


    found=false
    
    # set value in all files if they contain section or key
    for f in $(echo -n "/etc/dnf/automatic.conf"); do
        if [ ! -e "$f" ]; then
            continue
        fi
    
        # find key in section and change value
        if grep -qzosP "[[:space:]]*\[commands\]([^\n\[]*\n+)+?[[:space:]]*upgrade_type" "$f"; then
                sed -i "s/upgrade_type[^(\n)]*/upgrade_type = security/" "$f"
                found=true
    
        # find section and add key = value to it
        elif grep -qs "[[:space:]]*\[commands\]" "$f"; then
                sed -i "/[[:space:]]*\[commands\]/a upgrade_type = security" "$f"
                found=true
        fi
    done
    
    # if section not in any file, append section with key = value to FIRST file in files parameter
    if ! $found ; then
        file=$(echo "/etc/dnf/automatic.conf" | cut -f1 -d ' ')
        mkdir -p "$(dirname "$file")"
        echo -e "[commands]\nupgrade_type = security" >> "$file"
    fi
    
OVAL test results details

tests the value of upgrade_type setting in the /etc/dnf/automatic.conf file  oval:ssg-test_dnf-automatic_security_updates_only:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_dnf-automatic_security_updates_only:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/automatic.conf^\s*\[commands\].*(?:\n\s*[^[\s].*)*\n^\s*upgrade_type[ \t]*=[ \t]*(.+?)[ \t]*(?:$|#)1

The configuration file /etc/dnf/automatic.conf exists for dnf-automatic_security_updates_only  oval:ssg-test_dnf-automatic_security_updates_only_config_file_exists:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_dnf-automatic_security_updates_only_config_file:obj:1 of type file_object
Filepath
^/etc/dnf/automatic.conf
Ensure gpgcheck Enabled In Main dnf Configurationxccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated highCCE-83457-2

Ensure gpgcheck Enabled In Main dnf Configuration

Rule IDxccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-ensure_gpgcheck_globally_activated:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-83457-2

References:  BP28(R15), 11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CM-5(3), SI-7, SC-12, SC-12(3), CM-6(a), SA-12, SA-12(10), CM-11(a), CM-11(b), PR.DS-6, PR.DS-8, PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, Req-6.2, 6.3.3, SRG-OS-000366-GPOS-00153, RHEL-09-214015, 1.2.2, SV-257820r925447_rule

Description
The gpgcheck option controls whether RPM packages' signatures are always checked prior to installation. To configure dnf to check package signatures before installing them, ensure the following line appears in /etc/dnf/dnf.conf in the [main] section:
gpgcheck=1
Rationale
Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.
Accordingly, patches, service packs, device drivers, or operating system components must be signed with a certificate recognized and approved by the organization.
Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. Certificates used to verify the software must be from an approved Certificate Authority (CA).
OVAL test results details

check value of gpgcheck in /etc/dnf/dnf.conf  oval:ssg-test_ensure_gpgcheck_globally_activated:tst:1  true

Following items have been found on the system:
PathContent
/etc/dnf/dnf.confgpgcheck=1
Ensure gpgcheck Enabled for Local Packagesxccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages highCCE-83463-0

Ensure gpgcheck Enabled for Local Packages

Rule IDxccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-ensure_gpgcheck_local_packages:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-83463-0

References:  BP28(R15), 11, 3, 9, BAI10.01, BAI10.02, BAI10.03, BAI10.05, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, CM-11(a), CM-11(b), CM-6(a), CM-5(3), SA-12, SA-12(10), PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, SRG-OS-000366-GPOS-00153, RHEL-09-214020, SV-257821r925450_rule

Description
dnf should be configured to verify the signature(s) of local packages prior to installation. To configure dnf to verify signatures of local packages, set the localpkg_gpgcheck to 1 in /etc/dnf/dnf.conf.
Rationale
Changes to any software components can have significant effects to the overall security of the operating system. This requirement ensures the software has not been tampered and has been provided by a trusted vendor.

Accordingly, patches, service packs, device drivers, or operating system components must be signed with a certificate recognized and approved by the organization.

# Remediation is applicable only in certain platforms
    if rpm --quiet -q yum; then
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^localpkg_gpgcheck")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "1"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^localpkg_gpgcheck\\>" "/etc/dnf/dnf.conf"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^localpkg_gpgcheck\\>.*/$escaped_formatted_output/gi" "/etc/dnf/dnf.conf"
    else
        if [[ -s "/etc/dnf/dnf.conf" ]] && [[ -n "$(tail -c 1 -- "/etc/dnf/dnf.conf" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "/etc/dnf/dnf.conf"
        fi
        cce="CCE-83463-0"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "/etc/dnf/dnf.conf" >> "/etc/dnf/dnf.conf"
        printf '%s\n' "$formatted_output" >> "/etc/dnf/dnf.conf"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:false
Strategy:unknown
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83463-0
      - DISA-STIG-RHEL-09-214020
      - NIST-800-171-3.4.8
      - NIST-800-53-CM-11(a)
      - NIST-800-53-CM-11(b)
      - NIST-800-53-CM-5(3)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SA-12
      - NIST-800-53-SA-12(10)
      - ensure_gpgcheck_local_packages
      - high_severity
      - low_complexity
      - medium_disruption
      - no_reboot_needed
      - unknown_strategy
    
    - name: Ensure GPG check Enabled for Local Packages (dnf)
      block:
    
      - name: Check stats of dnf
        stat:
          path: /etc/dnf/dnf.conf
        register: pkg
    
      - name: Check if config file of dnf is a symlink
        ansible.builtin.set_fact:
          pkg_config_file_symlink: '{{ pkg.stat.lnk_target if pkg.stat.lnk_target is match("^/.*")
            else "/etc/dnf/dnf.conf" | dirname ~ "/" ~ pkg.stat.lnk_target }}'
        when: pkg.stat.lnk_target is defined
    
      - name: Ensure GPG check Enabled for Local Packages (dnf)
        ini_file:
          dest: '{{ pkg_config_file_symlink |  default("/etc/dnf/dnf.conf") }}'
          section: main
          option: localpkg_gpgcheck
          value: 1
          no_extra_spaces: true
          create: true
      when: '"yum" in ansible_facts.packages'
      tags:
      - CCE-83463-0
      - DISA-STIG-RHEL-09-214020
      - NIST-800-171-3.4.8
      - NIST-800-53-CM-11(a)
      - NIST-800-53-CM-11(b)
      - NIST-800-53-CM-5(3)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SA-12
      - NIST-800-53-SA-12(10)
      - ensure_gpgcheck_local_packages
      - high_severity
      - low_complexity
      - medium_disruption
      - no_reboot_needed
      - unknown_strategy
    
OVAL test results details

check value of localpkg_gpgcheck in /etc/dnf/dnf.conf  oval:ssg-test_yum_ensure_gpgcheck_local_packages:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_yum_ensure_gpgcheck_local_packages:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/dnf.conf^\s*localpkg_gpgcheck\s*=\s*(1|True|yes)\s*$1
Ensure gpgcheck Enabled for All dnf Package Repositoriesxccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled highCCE-83464-8

Ensure gpgcheck Enabled for All dnf Package Repositories

Rule IDxccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-ensure_gpgcheck_never_disabled:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-83464-8

References:  BP28(R15), 11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CM-5(3), SI-7, SC-12, SC-12(3), CM-6(a), SA-12, SA-12(10), CM-11(a), CM-11(b), PR.DS-6, PR.DS-8, PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, Req-6.2, 6.3.3, SRG-OS-000366-GPOS-00153, RHEL-09-214025, SV-257822r925453_rule

Description
To ensure signature checking is not disabled for any repos, remove any lines from files in /etc/yum.repos.d of the form:
gpgcheck=0
Rationale
Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. Certificates used to verify the software must be from an approved Certificate Authority (CA)."
OVAL test results details

check for existence of gpgcheck=0 in /etc/yum.repos.d/ files  oval:ssg-test_ensure_gpgcheck_never_disabled:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_ensure_gpgcheck_never_disabled:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/yum.repos.d.*^\s*gpgcheck\s*=\s*0\s*$1
Ensure Red Hat GPG Key Installedxccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed highCCE-84180-9

Ensure Red Hat GPG Key Installed

Rule IDxccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-ensure_redhat_gpgkey_installed:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-84180-9

References:  BP28(R15), 11, 2, 3, 9, 5.10.4.1, APO01.06, BAI03.05, BAI06.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS06.02, 3.4.8, CCI-001749, 164.308(a)(1)(ii)(D), 164.312(b), 164.312(c)(1), 164.312(c)(2), 164.312(e)(2)(i), 4.3.4.3.2, 4.3.4.3.3, 4.3.4.4.4, SR 3.1, SR 3.3, SR 3.4, SR 3.8, SR 7.6, A.11.2.4, A.12.1.2, A.12.2.1, A.12.5.1, A.12.6.2, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, CIP-003-8 R4.2, CIP-003-8 R6, CIP-007-3 R4, CIP-007-3 R4.1, CIP-007-3 R4.2, CIP-007-3 R5.1, CM-5(3), SI-7, SC-12, SC-12(3), CM-6(a), PR.DS-6, PR.DS-8, PR.IP-1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, Req-6.2, SRG-OS-000366-GPOS-00153, RHEL-09-214010, 1.2.1, SV-257819r925444_rule

Description
To ensure the system can cryptographically verify base software packages come from Red Hat (and to connect to the Red Hat Network to receive them), the Red Hat GPG key must properly be installed. To install the Red Hat GPG key, run:
$ sudo subscription-manager register
If the system is not connected to the Internet or an RHN Satellite, then install the Red Hat GPG key from trusted media such as the Red Hat installation CD-ROM or DVD. Assuming the disc is mounted in /media/cdrom, use the following command as the root user to import it into the keyring:
$ sudo rpm --import /media/cdrom/RPM-GPG-KEY
Alternatively, the key may be pre-loaded during the RHEL installation. In such cases, the key can be installed by running the following command:
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Rationale
Changes to software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor. The Red Hat GPG key is necessary to cryptographically verify packages are from Red Hat.
OVAL test results details

installed OS part of unix family  oval:ssg-test_rhel9_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

installed OS part of unix family  oval:ssg-test_rhel9_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

redhat-release is version 9  oval:ssg-test_rhel9:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
redhat-releaseaarch64(none)0.5.el99.30:9.3-0.5.el9199e2f91fd431d51redhat-release-0:9.3-0.5.el9.aarch64

redhat-release is version 9  oval:ssg-test_rhel9:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
redhat-releaseaarch64(none)0.5.el99.30:9.3-0.5.el9199e2f91fd431d51redhat-release-0:9.3-0.5.el9.aarch64

redhat-release-virtualization-host RPM package is installed  oval:ssg-test_rhvh4_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhvh4_version:obj:1 of type rpminfo_object
Name
redhat-release-virtualization-host

redhat-release-virtualization-host RPM package is installed  oval:ssg-test_rhvh4_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhvh4_version:obj:1 of type rpminfo_object
Name
redhat-release-virtualization-host

RHEVH base RHEL is version 9  oval:ssg-test_rhevh_rhel9_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhevh_rhel9_version:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/redhat-release^Red Hat Enterprise Linux release (\d)\.\d+$1

RHEVH base RHEL is version 9  oval:ssg-test_rhevh_rhel9_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhevh_rhel9_version:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/redhat-release^Red Hat Enterprise Linux release (\d)\.\d+$1

installed OS part of unix family  oval:ssg-test_rhel9_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

installed OS part of unix family  oval:ssg-test_rhel9_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

redhat-release is version 9  oval:ssg-test_rhel9:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
redhat-releaseaarch64(none)0.5.el99.30:9.3-0.5.el9199e2f91fd431d51redhat-release-0:9.3-0.5.el9.aarch64

redhat-release is version 9  oval:ssg-test_rhel9:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
redhat-releaseaarch64(none)0.5.el99.30:9.3-0.5.el9199e2f91fd431d51redhat-release-0:9.3-0.5.el9.aarch64

redhat-release-virtualization-host RPM package is installed  oval:ssg-test_rhvh4_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhvh4_version:obj:1 of type rpminfo_object
Name
redhat-release-virtualization-host

redhat-release-virtualization-host RPM package is installed  oval:ssg-test_rhvh4_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhvh4_version:obj:1 of type rpminfo_object
Name
redhat-release-virtualization-host

RHEVH base RHEL is version 9  oval:ssg-test_rhevh_rhel9_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhevh_rhel9_version:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/redhat-release^Red Hat Enterprise Linux release (\d)\.\d+$1

RHEVH base RHEL is version 9  oval:ssg-test_rhevh_rhel9_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_rhevh_rhel9_version:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/redhat-release^Red Hat Enterprise Linux release (\d)\.\d+$1

Red Hat release key package is installed  oval:ssg-test_package_gpgkey-fd431d51-4ae0493b_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gpg-pubkey(none)(none)6229229e5a6340b30:5a6340b3-6229229e0gpg-pubkey-0:5a6340b3-6229229e.(none)
gpg-pubkey(none)(none)4ae0493bfd431d510:fd431d51-4ae0493b0gpg-pubkey-0:fd431d51-4ae0493b.(none)
gpg-pubkey(none)(none)613798eb3228467c0:3228467c-613798eb0gpg-pubkey-0:3228467c-613798eb.(none)

Red Hat auxiliary key package is installed  oval:ssg-test_package_gpgkey-5a6340b3-6229229e_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gpg-pubkey(none)(none)6229229e5a6340b30:5a6340b3-6229229e0gpg-pubkey-0:5a6340b3-6229229e.(none)
gpg-pubkey(none)(none)4ae0493bfd431d510:fd431d51-4ae0493b0gpg-pubkey-0:fd431d51-4ae0493b.(none)
gpg-pubkey(none)(none)613798eb3228467c0:3228467c-613798eb0gpg-pubkey-0:3228467c-613798eb.(none)

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_unix_family:obj:1 of type family_object

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_unix_family:obj:1 of type family_object

Check os-release ID  oval:ssg-test_centos9_name:tst:1  false

Following items have been found on the system:
PathContent
/etc/os-releaseID="rhel"

Check os-release ID  oval:ssg-test_centos9_name:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-obj_name_centos9:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/os-release^ID="(\w+)"$1

Check os-release VERSION_ID  oval:ssg-test_centos9_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_version_centos9:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/os-release^VERSION_ID="(\d)"$1

Check os-release VERSION_ID  oval:ssg-test_centos9_version:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-obj_version_centos9:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/os-release^VERSION_ID="(\d)"$1

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_unix_family:obj:1 of type family_object

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  true

Following items have been found on the system:
Family
unix

Test installed OS is part of the unix family  oval:ssg-test_unix_family:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_unix_family:obj:1 of type family_object

Check os-release ID  oval:ssg-test_centos9_name:tst:1  false

Following items have been found on the system:
PathContent
/etc/os-releaseID="rhel"

Check os-release ID  oval:ssg-test_centos9_name:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-obj_name_centos9:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/os-release^ID="(\w+)"$1

Check os-release VERSION_ID  oval:ssg-test_centos9_version:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_version_centos9:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/os-release^VERSION_ID="(\d)"$1

Check os-release VERSION_ID  oval:ssg-test_centos9_version:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-obj_version_centos9:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/os-release^VERSION_ID="(\d)"$1

CentOS9 key package is installed  oval:ssg-test_package_gpgkey-8483c65d-5ccc5b19_installed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gpg-pubkey(none)(none)6229229e5a6340b30:5a6340b3-6229229e0gpg-pubkey-0:5a6340b3-6229229e.(none)
gpg-pubkey(none)(none)4ae0493bfd431d510:fd431d51-4ae0493b0gpg-pubkey-0:fd431d51-4ae0493b.(none)
gpg-pubkey(none)(none)613798eb3228467c0:3228467c-613798eb0gpg-pubkey-0:3228467c-613798eb.(none)
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240952
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:115.8.0-1.el9_3  oval:com.redhat.rhsa:tst:20240952001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:115.8.0-1.el9_3  oval:com.redhat.rhsa:tst:20240952003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240951
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-upgrade is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:13.14-1.el9_3  oval:com.redhat.rhsa:tst:20240951027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240950
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module postgresql:15 is enabled  oval:com.redhat.rhsa:tst:20234327037  true

Following items have been found on the system:
PathContent
/etc/dnf/modules.d/postgresql.module[postgresql] name=postgresql stream=15 profiles=server state=enabled

pg_repack is earlier than 0:1.4.8-1.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327001 of type rpminfo_object
Name
pg_repack

pg_repack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327001 of type rpminfo_object
Name
pg_repack

pgaudit is earlier than 0:1.7.0-1.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327002 of type rpminfo_object
Name
pgaudit

pgaudit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327002 of type rpminfo_object
Name
pgaudit

postgres-decoderbufs is earlier than 0:1.9.7-1.Final.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327003 of type rpminfo_object
Name
postgres-decoderbufs

postgres-decoderbufs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327003 of type rpminfo_object
Name
postgres-decoderbufs

postgresql is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950007  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950009  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950021  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950023  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test-rpm-macros is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327016 of type rpminfo_object
Name
postgresql-test-rpm-macros

postgresql-test-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327016 of type rpminfo_object
Name
postgresql-test-rpm-macros

postgresql-upgrade is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:15.6-1.module+el9.3.0+21283+b0ea34b6  oval:com.redhat.rhsa:tst:20240950035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240848
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253001 of type rpminfo_object
Name
aspnetcore-runtime-8.0

aspnetcore-runtime-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253001 of type rpminfo_object
Name
aspnetcore-runtime-8.0

aspnetcore-runtime-dbg-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240848002 of type rpminfo_object
Name
aspnetcore-runtime-dbg-8.0

aspnetcore-runtime-dbg-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240848004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240848002 of type rpminfo_object
Name
aspnetcore-runtime-dbg-8.0

aspnetcore-targeting-pack-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253002 of type rpminfo_object
Name
aspnetcore-targeting-pack-8.0

aspnetcore-targeting-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253002 of type rpminfo_object
Name
aspnetcore-targeting-pack-8.0

dotnet-apphost-pack-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253003 of type rpminfo_object
Name
dotnet-apphost-pack-8.0

dotnet-apphost-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253003 of type rpminfo_object
Name
dotnet-apphost-pack-8.0

dotnet-host is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253005 of type rpminfo_object
Name
dotnet-hostfxr-8.0

dotnet-hostfxr-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253005 of type rpminfo_object
Name
dotnet-hostfxr-8.0

dotnet-runtime-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253006 of type rpminfo_object
Name
dotnet-runtime-8.0

dotnet-runtime-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253006 of type rpminfo_object
Name
dotnet-runtime-8.0

dotnet-runtime-dbg-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240848008 of type rpminfo_object
Name
dotnet-runtime-dbg-8.0

dotnet-runtime-dbg-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240848016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240848008 of type rpminfo_object
Name
dotnet-runtime-dbg-8.0

dotnet-sdk-8.0 is earlier than 0:8.0.102-2.el9_3  oval:com.redhat.rhsa:tst:20240848017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253007 of type rpminfo_object
Name
dotnet-sdk-8.0

dotnet-sdk-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253007 of type rpminfo_object
Name
dotnet-sdk-8.0

dotnet-sdk-8.0-source-built-artifacts is earlier than 0:8.0.102-2.el9_3  oval:com.redhat.rhsa:tst:20240848019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253008 of type rpminfo_object
Name
dotnet-sdk-8.0-source-built-artifacts

dotnet-sdk-8.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253008 of type rpminfo_object
Name
dotnet-sdk-8.0-source-built-artifacts

dotnet-sdk-dbg-8.0 is earlier than 0:8.0.102-2.el9_3  oval:com.redhat.rhsa:tst:20240848021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240848011 of type rpminfo_object
Name
dotnet-sdk-dbg-8.0

dotnet-sdk-dbg-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240848022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240848011 of type rpminfo_object
Name
dotnet-sdk-dbg-8.0

dotnet-targeting-pack-8.0 is earlier than 0:8.0.2-2.el9_3  oval:com.redhat.rhsa:tst:20240848023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253009 of type rpminfo_object
Name
dotnet-targeting-pack-8.0

dotnet-targeting-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253009 of type rpminfo_object
Name
dotnet-targeting-pack-8.0

dotnet-templates-8.0 is earlier than 0:8.0.102-2.el9_3  oval:com.redhat.rhsa:tst:20240848025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253010 of type rpminfo_object
Name
dotnet-templates-8.0

dotnet-templates-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253010 of type rpminfo_object
Name
dotnet-templates-8.0

netstandard-targeting-pack-2.1 is earlier than 0:8.0.102-2.el9_3  oval:com.redhat.rhsa:tst:20240848027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240811
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

sudo is earlier than 0:1.9.5p2-10.el9_3  oval:com.redhat.rhsa:tst:20240811001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sudoaarch64(none)9.el91.9.5p20:1.9.5p2-9.el9199e2f91fd431d51sudo-0:1.9.5p2-9.el9.aarch64

sudo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230282002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sudoaarch64(none)9.el91.9.5p20:1.9.5p2-9.el9199e2f91fd431d51sudo-0:1.9.5p2-9.el9.aarch64

sudo-python-plugin is earlier than 0:1.9.5p2-10.el9_3  oval:com.redhat.rhsa:tst:20240811003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230282002 of type rpminfo_object
Name
sudo-python-plugin

sudo-python-plugin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230282004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230282002 of type rpminfo_object
Name
sudo-python-plugin
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240807
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.27-1.el9_3  oval:com.redhat.rhsa:tst:20240807001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.27-1.el9_3  oval:com.redhat.rhsa:tst:20240807003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.27-1.el9_3  oval:com.redhat.rhsa:tst:20240807005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.27-1.el9_3  oval:com.redhat.rhsa:tst:20240807007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.27-1.el9_3  oval:com.redhat.rhsa:tst:20240807009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.127-1.el9_3  oval:com.redhat.rhsa:tst:20240807011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.127-1.el9_3  oval:com.redhat.rhsa:tst:20240807013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.27-1.el9_3  oval:com.redhat.rhsa:tst:20240807015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.127-1.el9_3  oval:com.redhat.rhsa:tst:20240807017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240805
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.16-1.el9_3  oval:com.redhat.rhsa:tst:20240805001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.16-1.el9_3  oval:com.redhat.rhsa:tst:20240805003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.16-1.el9_3  oval:com.redhat.rhsa:tst:20240805005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-hostfxr-7.0 is earlier than 0:7.0.16-1.el9_3  oval:com.redhat.rhsa:tst:20240805007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.16-1.el9_3  oval:com.redhat.rhsa:tst:20240805009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.116-1.el9_3  oval:com.redhat.rhsa:tst:20240805011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.116-1.el9_3  oval:com.redhat.rhsa:tst:20240805013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.16-1.el9_3  oval:com.redhat.rhsa:tst:20240805015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.116-1.el9_3  oval:com.redhat.rhsa:tst:20240805017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240790
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nspr is earlier than 0:4.35.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nspraarch64(none)4.el9_34.35.00:4.35.0-4.el9_3199e2f91fd431d51nspr-0:4.35.0-4.el9_3.aarch64

nspr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nspraarch64(none)4.el9_34.35.00:4.35.0-4.el9_3199e2f91fd431d51nspr-0:4.35.0-4.el9_3.aarch64

nspr-devel is earlier than 0:4.35.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368002 of type rpminfo_object
Name
nspr-devel

nspr-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368002 of type rpminfo_object
Name
nspr-devel

nss is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790005  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nssaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-0:3.90.0-4.el9_3.aarch64

nss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nssaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-0:3.90.0-4.el9_3.aarch64

nss-devel is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368004 of type rpminfo_object
Name
nss-devel

nss-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368004 of type rpminfo_object
Name
nss-devel

nss-softokn is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790009  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softoknaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-0:3.90.0-4.el9_3.aarch64

nss-softokn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softoknaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-0:3.90.0-4.el9_3.aarch64

nss-softokn-devel is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368006 of type rpminfo_object
Name
nss-softokn-devel

nss-softokn-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368006 of type rpminfo_object
Name
nss-softokn-devel

nss-softokn-freebl is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790013  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softokn-freeblaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-freebl-0:3.90.0-4.el9_3.aarch64

nss-softokn-freebl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softokn-freeblaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-freebl-0:3.90.0-4.el9_3.aarch64

nss-softokn-freebl-devel is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368008 of type rpminfo_object
Name
nss-softokn-freebl-devel

nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368008 of type rpminfo_object
Name
nss-softokn-freebl-devel

nss-sysinit is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790017  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-sysinitaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-sysinit-0:3.90.0-4.el9_3.aarch64

nss-sysinit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-sysinitaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-sysinit-0:3.90.0-4.el9_3.aarch64

nss-tools is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368010 of type rpminfo_object
Name
nss-tools

nss-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368010 of type rpminfo_object
Name
nss-tools

nss-util is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790021  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-utilaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-util-0:3.90.0-4.el9_3.aarch64

nss-util is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-utilaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-util-0:3.90.0-4.el9_3.aarch64

nss-util-devel is earlier than 0:3.90.0-6.el9_3  oval:com.redhat.rhsa:tst:20240790023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368012 of type rpminfo_object
Name
nss-util-devel

nss-util-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368012 of type rpminfo_object
Name
nss-util-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240675
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gimp is earlier than 2:2.99.8-4.el9_3  oval:com.redhat.rhsa:tst:20240675001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978001 of type rpminfo_object
Name
gimp

gimp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227978002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978001 of type rpminfo_object
Name
gimp

gimp-libs is earlier than 2:2.99.8-4.el9_3  oval:com.redhat.rhsa:tst:20240675003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978002 of type rpminfo_object
Name
gimp-libs

gimp-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227978004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978002 of type rpminfo_object
Name
gimp-libs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240670
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

runc is earlier than 4:1.1.12-1.el9_3  oval:com.redhat.rhsa:tst:20240670001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc

runc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228090002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240603
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:115.7.0-1.el9_3  oval:com.redhat.rhsa:tst:20240603001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:115.7.0-1.el9_3  oval:com.redhat.rhsa:tst:20240603003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240602
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:115.7.0-1.el9_3  oval:com.redhat.rhsa:tst:20240602001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240557
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tigervnc is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc-icons is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-icons is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-license is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-selinux is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-server is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server-minimal is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-module is earlier than 0:1.13.1-3.el9_3.6  oval:com.redhat.rhsa:tst:20240557013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module

tigervnc-server-module is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240533
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gnutls is earlier than 0:3.7.6-23.el9_3.3  oval:com.redhat.rhsa:tst:20240533001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnutlsaarch64(none)23.el93.7.60:3.7.6-23.el9199e2f91fd431d51gnutls-0:3.7.6-23.el9.aarch64

gnutls is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnutlsaarch64(none)23.el93.7.60:3.7.6-23.el9199e2f91fd431d51gnutls-0:3.7.6-23.el9.aarch64

gnutls-c++ is earlier than 0:3.7.6-23.el9_3.3  oval:com.redhat.rhsa:tst:20240533003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854002 of type rpminfo_object
Name
gnutls-c++

gnutls-c++ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854002 of type rpminfo_object
Name
gnutls-c++

gnutls-dane is earlier than 0:3.7.6-23.el9_3.3  oval:com.redhat.rhsa:tst:20240533005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854003 of type rpminfo_object
Name
gnutls-dane

gnutls-dane is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854003 of type rpminfo_object
Name
gnutls-dane

gnutls-devel is earlier than 0:3.7.6-23.el9_3.3  oval:com.redhat.rhsa:tst:20240533007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854004 of type rpminfo_object
Name
gnutls-devel

gnutls-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854004 of type rpminfo_object
Name
gnutls-devel

gnutls-utils is earlier than 0:3.7.6-23.el9_3.3  oval:com.redhat.rhsa:tst:20240533009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854005 of type rpminfo_object
Name
gnutls-utils

gnutls-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854005 of type rpminfo_object
Name
gnutls-utils
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240477
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

frr is earlier than 0:8.3.1-11.el9_3.2  oval:com.redhat.rhsa:tst:20240477001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228112002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr-selinux is earlier than 0:8.3.1-11.el9_3.2  oval:com.redhat.rhsa:tst:20240477003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux

frr-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232202004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240474
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tomcat is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929001 of type rpminfo_object
Name
tomcat

tomcat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929001 of type rpminfo_object
Name
tomcat

tomcat-admin-webapps is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929002 of type rpminfo_object
Name
tomcat-admin-webapps

tomcat-admin-webapps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929002 of type rpminfo_object
Name
tomcat-admin-webapps

tomcat-docs-webapp is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929003 of type rpminfo_object
Name
tomcat-docs-webapp

tomcat-docs-webapp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929003 of type rpminfo_object
Name
tomcat-docs-webapp

tomcat-el-3.0-api is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929004 of type rpminfo_object
Name
tomcat-el-3.0-api

tomcat-el-3.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929004 of type rpminfo_object
Name
tomcat-el-3.0-api

tomcat-jsp-2.3-api is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929005 of type rpminfo_object
Name
tomcat-jsp-2.3-api

tomcat-jsp-2.3-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929005 of type rpminfo_object
Name
tomcat-jsp-2.3-api

tomcat-lib is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929006 of type rpminfo_object
Name
tomcat-lib

tomcat-lib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929006 of type rpminfo_object
Name
tomcat-lib

tomcat-servlet-4.0-api is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929007 of type rpminfo_object
Name
tomcat-servlet-4.0-api

tomcat-servlet-4.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929007 of type rpminfo_object
Name
tomcat-servlet-4.0-api

tomcat-webapps is earlier than 1:9.0.62-37.el9_3.1  oval:com.redhat.rhsa:tst:20240474015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929008 of type rpminfo_object
Name
tomcat-webapps

tomcat-webapps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929008 of type rpminfo_object
Name
tomcat-webapps
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240468
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grub2-common is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-commonnoarch170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-common-1:2.06-70.el9_3.1.noarch

grub2-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-commonnoarch170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-common-1:2.06-70.el9_3.1.noarch

grub2-efi-aa64 is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468003  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-efi-aa64aarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-efi-aa64-1:2.06-70.el9_3.1.aarch64

grub2-efi-aa64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-efi-aa64aarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-efi-aa64-1:2.06-70.el9_3.1.aarch64

grub2-efi-aa64-cdboot is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099003 of type rpminfo_object
Name
grub2-efi-aa64-cdboot

grub2-efi-aa64-cdboot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099003 of type rpminfo_object
Name
grub2-efi-aa64-cdboot

grub2-efi-aa64-modules is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099004 of type rpminfo_object
Name
grub2-efi-aa64-modules

grub2-efi-aa64-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099004 of type rpminfo_object
Name
grub2-efi-aa64-modules

grub2-efi-x64 is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099005 of type rpminfo_object
Name
grub2-efi-x64

grub2-efi-x64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099005 of type rpminfo_object
Name
grub2-efi-x64

grub2-efi-x64-cdboot is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099006 of type rpminfo_object
Name
grub2-efi-x64-cdboot

grub2-efi-x64-cdboot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099006 of type rpminfo_object
Name
grub2-efi-x64-cdboot

grub2-efi-x64-modules is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099007 of type rpminfo_object
Name
grub2-efi-x64-modules

grub2-efi-x64-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099007 of type rpminfo_object
Name
grub2-efi-x64-modules

grub2-pc is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099008 of type rpminfo_object
Name
grub2-pc

grub2-pc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099008 of type rpminfo_object
Name
grub2-pc

grub2-pc-modules is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099009 of type rpminfo_object
Name
grub2-pc-modules

grub2-pc-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099009 of type rpminfo_object
Name
grub2-pc-modules

grub2-ppc64le is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099010 of type rpminfo_object
Name
grub2-ppc64le

grub2-ppc64le is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099010 of type rpminfo_object
Name
grub2-ppc64le

grub2-ppc64le-modules is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099011 of type rpminfo_object
Name
grub2-ppc64le-modules

grub2-ppc64le-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099011 of type rpminfo_object
Name
grub2-ppc64le-modules

grub2-tools is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468023  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-toolsaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-1:2.06-70.el9_3.1.aarch64

grub2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099024  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-toolsaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-1:2.06-70.el9_3.1.aarch64

grub2-tools-efi is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099013 of type rpminfo_object
Name
grub2-tools-efi

grub2-tools-efi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099013 of type rpminfo_object
Name
grub2-tools-efi

grub2-tools-extra is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099014 of type rpminfo_object
Name
grub2-tools-extra

grub2-tools-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099014 of type rpminfo_object
Name
grub2-tools-extra

grub2-tools-minimal is earlier than 1:2.06-70.el9_3.2  oval:com.redhat.rhsa:tst:20240468029  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-tools-minimalaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-minimal-1:2.06-70.el9_3.1.aarch64

grub2-tools-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099030  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-tools-minimalaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-minimal-1:2.06-70.el9_3.1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240466
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466003  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466011  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.18-1.el9_3.1  oval:com.redhat.rhsa:tst:20240466015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240465
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

sqlite is earlier than 0:3.34.1-7.el9_3  oval:com.redhat.rhsa:tst:20240465001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339001 of type rpminfo_object
Name
sqlite

sqlite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230339002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339001 of type rpminfo_object
Name
sqlite

sqlite-devel is earlier than 0:3.34.1-7.el9_3  oval:com.redhat.rhsa:tst:20240465003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339002 of type rpminfo_object
Name
sqlite-devel

sqlite-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230339004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339002 of type rpminfo_object
Name
sqlite-devel

sqlite-libs is earlier than 0:3.34.1-7.el9_3  oval:com.redhat.rhsa:tst:20240465005  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sqlite-libsaarch64(none)6.el9_13.34.10:3.34.1-6.el9_1199e2f91fd431d51sqlite-libs-0:3.34.1-6.el9_1.aarch64

sqlite-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230339006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sqlite-libsaarch64(none)6.el9_13.34.10:3.34.1-6.el9_1199e2f91fd431d51sqlite-libs-0:3.34.1-6.el9_1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240464
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-urllib3 is earlier than 0:1.26.5-3.el9_3.1  oval:com.redhat.rhsa:tst:20240464001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-urllib3noarch(none)3.el91.26.50:1.26.5-3.el9199e2f91fd431d51python3-urllib3-0:1.26.5-3.el9.noarch

python3-urllib3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240464002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-urllib3noarch(none)3.el91.26.50:1.26.5-3.el9199e2f91fd431d51python3-urllib3-0:1.26.5-3.el9.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240463
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-rpm is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-rpmaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51python3-rpm-0:4.16.1.3-25.el9.aarch64

python3-rpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-rpmaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51python3-rpm-0:4.16.1.3-25.el9.aarch64

rpm is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463003  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpmaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-0:4.16.1.3-25.el9.aarch64

rpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpmaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-0:4.16.1.3-25.el9.aarch64

rpm-apidocs is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463003 of type rpminfo_object
Name
rpm-apidocs

rpm-apidocs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463003 of type rpminfo_object
Name
rpm-apidocs

rpm-build is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463004 of type rpminfo_object
Name
rpm-build

rpm-build is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463004 of type rpminfo_object
Name
rpm-build

rpm-build-libs is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463009  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-build-libsaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-build-libs-0:4.16.1.3-25.el9.aarch64

rpm-build-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-build-libsaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-build-libs-0:4.16.1.3-25.el9.aarch64

rpm-cron is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463006 of type rpminfo_object
Name
rpm-cron

rpm-cron is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463006 of type rpminfo_object
Name
rpm-cron

rpm-devel is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463007 of type rpminfo_object
Name
rpm-devel

rpm-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463007 of type rpminfo_object
Name
rpm-devel

rpm-libs is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463015  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-libsaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-libs-0:4.16.1.3-25.el9.aarch64

rpm-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-libsaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-libs-0:4.16.1.3-25.el9.aarch64

rpm-plugin-audit is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463017  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-plugin-auditaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-plugin-audit-0:4.16.1.3-25.el9.aarch64

rpm-plugin-audit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-plugin-auditaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-plugin-audit-0:4.16.1.3-25.el9.aarch64

rpm-plugin-fapolicyd is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463010 of type rpminfo_object
Name
rpm-plugin-fapolicyd

rpm-plugin-fapolicyd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463010 of type rpminfo_object
Name
rpm-plugin-fapolicyd

rpm-plugin-ima is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463011 of type rpminfo_object
Name
rpm-plugin-ima

rpm-plugin-ima is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463011 of type rpminfo_object
Name
rpm-plugin-ima

rpm-plugin-selinux is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463023  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-plugin-selinuxaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-plugin-selinux-0:4.16.1.3-25.el9.aarch64

rpm-plugin-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463024  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-plugin-selinuxaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-plugin-selinux-0:4.16.1.3-25.el9.aarch64

rpm-plugin-syslog is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463013 of type rpminfo_object
Name
rpm-plugin-syslog

rpm-plugin-syslog is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463013 of type rpminfo_object
Name
rpm-plugin-syslog

rpm-plugin-systemd-inhibit is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463027  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-plugin-systemd-inhibitaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-plugin-systemd-inhibit-0:4.16.1.3-25.el9.aarch64

rpm-plugin-systemd-inhibit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463028  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-plugin-systemd-inhibitaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-plugin-systemd-inhibit-0:4.16.1.3-25.el9.aarch64

rpm-sign is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463015 of type rpminfo_object
Name
rpm-sign

rpm-sign is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240463015 of type rpminfo_object
Name
rpm-sign

rpm-sign-libs is earlier than 0:4.16.1.3-27.el9_3  oval:com.redhat.rhsa:tst:20240463031  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-sign-libsaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-sign-libs-0:4.16.1.3-25.el9.aarch64

rpm-sign-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240463032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rpm-sign-libsaarch64(none)25.el94.16.1.30:4.16.1.3-25.el9199e2f91fd431d51rpm-sign-libs-0:4.16.1.3-25.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240387
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module php:8.1 is enabled  oval:com.redhat.rhsa:tst:20232417063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417032 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/php.module\[php\][\w\W]*1

apcu-panel is earlier than 0:5.1.21-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417001 of type rpminfo_object
Name
apcu-panel

apcu-panel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417001 of type rpminfo_object
Name
apcu-panel

php is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php-bcmath is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-bcmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-cli is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-common is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-dba is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dbg is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-dbg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-devel is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-embedded is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-enchant is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-enchant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-ffi is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-ffi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-fpm is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-fpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-gd is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gmp is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-intl is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-intl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-ldap is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-mbstring is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mbstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mysqlnd is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-mysqlnd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-odbc is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-opcache is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-opcache is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-pdo is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pdo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pecl-apcu is earlier than 0:5.1.21-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417022 of type rpminfo_object
Name
php-pecl-apcu

php-pecl-apcu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417022 of type rpminfo_object
Name
php-pecl-apcu

php-pecl-apcu-devel is earlier than 0:5.1.21-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417023 of type rpminfo_object
Name
php-pecl-apcu-devel

php-pecl-apcu-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417023 of type rpminfo_object
Name
php-pecl-apcu-devel

php-pecl-rrd is earlier than 0:2.0.3-4.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417024 of type rpminfo_object
Name
php-pecl-rrd

php-pecl-rrd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417024 of type rpminfo_object
Name
php-pecl-rrd

php-pecl-xdebug3 is earlier than 0:3.1.4-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417025 of type rpminfo_object
Name
php-pecl-xdebug3

php-pecl-xdebug3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417025 of type rpminfo_object
Name
php-pecl-xdebug3

php-pecl-zip is earlier than 0:1.20.1-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417026 of type rpminfo_object
Name
php-pecl-zip

php-pecl-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417026 of type rpminfo_object
Name
php-pecl-zip

php-pgsql is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-process is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-process is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-snmp is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-soap is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-xml is earlier than 0:8.1.27-1.module+el9.3.0.z+21063+f4ccb976  oval:com.redhat.rhsa:tst:20240387061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml

php-xml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240340
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-362.8.1.el9_3 is currently running  oval:com.redhat.rhsa:tst:20237734006  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-362.8.1.el9_3 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20240340007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240340005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-362.8.1.el9_3  oval:com.redhat.rhsa:tst:20237734001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-362.8.1.el9_3  oval:com.redhat.rhsa:tst:20237734003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734002 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_8_1

kpatch-patch-5_14_0-362_8_1 is earlier than 0:1-2.el9_3  oval:com.redhat.rhsa:tst:20240340004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734002 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_8_1

kpatch-patch-5_14_0-362_8_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237734005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734002 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_8_1

kernel version 0:5.14.0-362.13.1.el9_3 is currently running  oval:com.redhat.rhsa:tst:20240340012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-362.13.1.el9_3 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20240340013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240340005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-362.13.1.el9_3  oval:com.redhat.rhsa:tst:20240340008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-362.13.1.el9_3  oval:com.redhat.rhsa:tst:20240340009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240340006 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_13_1

kpatch-patch-5_14_0-362_13_1 is earlier than 0:1-1.el9_3  oval:com.redhat.rhsa:tst:20240340010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240340006 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_13_1

kpatch-patch-5_14_0-362_13_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240340011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240340006 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_13_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
fail
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240310
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.

Complexity:low
Disruption:high
Reboot:true
Strategy:patch

    
    yum -y update
    

Complexity:low
Disruption:high
Reboot:true
Strategy:patch
- name: Security patches are up to date
      package:
        name: '*'
        state: latest
      tags:
      - CCE-84185-8
      - CJIS-5.10.4.1
      - DISA-STIG-RHEL-09-211015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-2(5)
      - NIST-800-53-SI-2(c)
      - PCI-DSS-Req-6.2
      - PCI-DSSv4-6.3.3
      - high_disruption
      - low_complexity
      - medium_severity
      - patch_strategy
      - reboot_required
      - security_patches_up_to_date
      - skip_ansible_lint
    
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssl is earlier than 1:3.0.7-25.el9_3  oval:com.redhat.rhsa:tst:20240310001  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl-devel is earlier than 1:3.0.7-25.el9_3  oval:com.redhat.rhsa:tst:20240310003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-libs is earlier than 1:3.0.7-25.el9_3  oval:com.redhat.rhsa:tst:20240310005  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-perl is earlier than 1:3.0.7-25.el9_3  oval:com.redhat.rhsa:tst:20240310007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl

openssl-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240267
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.10.0.7-2.el9  oval:com.redhat.rhsa:tst:20240267045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240266
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.22.0.7-2.el9  oval:com.redhat.rhsa:tst:20240266045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240265
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.402.b06-2.el9  oval:com.redhat.rhsa:tst:20240265033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240249
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-21-openjdk is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738001 of type rpminfo_object
Name
java-21-openjdk

java-21-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738001 of type rpminfo_object
Name
java-21-openjdk

java-21-openjdk-demo is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738002 of type rpminfo_object
Name
java-21-openjdk-demo

java-21-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738002 of type rpminfo_object
Name
java-21-openjdk-demo

java-21-openjdk-demo-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738003 of type rpminfo_object
Name
java-21-openjdk-demo-fastdebug

java-21-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738003 of type rpminfo_object
Name
java-21-openjdk-demo-fastdebug

java-21-openjdk-demo-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738004 of type rpminfo_object
Name
java-21-openjdk-demo-slowdebug

java-21-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738004 of type rpminfo_object
Name
java-21-openjdk-demo-slowdebug

java-21-openjdk-devel is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738005 of type rpminfo_object
Name
java-21-openjdk-devel

java-21-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738005 of type rpminfo_object
Name
java-21-openjdk-devel

java-21-openjdk-devel-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738006 of type rpminfo_object
Name
java-21-openjdk-devel-fastdebug

java-21-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738006 of type rpminfo_object
Name
java-21-openjdk-devel-fastdebug

java-21-openjdk-devel-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738007 of type rpminfo_object
Name
java-21-openjdk-devel-slowdebug

java-21-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738007 of type rpminfo_object
Name
java-21-openjdk-devel-slowdebug

java-21-openjdk-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738008 of type rpminfo_object
Name
java-21-openjdk-fastdebug

java-21-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738008 of type rpminfo_object
Name
java-21-openjdk-fastdebug

java-21-openjdk-headless is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738009 of type rpminfo_object
Name
java-21-openjdk-headless

java-21-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738009 of type rpminfo_object
Name
java-21-openjdk-headless

java-21-openjdk-headless-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738010 of type rpminfo_object
Name
java-21-openjdk-headless-fastdebug

java-21-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738010 of type rpminfo_object
Name
java-21-openjdk-headless-fastdebug

java-21-openjdk-headless-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738011 of type rpminfo_object
Name
java-21-openjdk-headless-slowdebug

java-21-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738011 of type rpminfo_object
Name
java-21-openjdk-headless-slowdebug

java-21-openjdk-javadoc is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738012 of type rpminfo_object
Name
java-21-openjdk-javadoc

java-21-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738012 of type rpminfo_object
Name
java-21-openjdk-javadoc

java-21-openjdk-javadoc-zip is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738013 of type rpminfo_object
Name
java-21-openjdk-javadoc-zip

java-21-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738013 of type rpminfo_object
Name
java-21-openjdk-javadoc-zip

java-21-openjdk-jmods is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738014 of type rpminfo_object
Name
java-21-openjdk-jmods

java-21-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738014 of type rpminfo_object
Name
java-21-openjdk-jmods

java-21-openjdk-jmods-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738015 of type rpminfo_object
Name
java-21-openjdk-jmods-fastdebug

java-21-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738015 of type rpminfo_object
Name
java-21-openjdk-jmods-fastdebug

java-21-openjdk-jmods-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738016 of type rpminfo_object
Name
java-21-openjdk-jmods-slowdebug

java-21-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738016 of type rpminfo_object
Name
java-21-openjdk-jmods-slowdebug

java-21-openjdk-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738017 of type rpminfo_object
Name
java-21-openjdk-slowdebug

java-21-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738017 of type rpminfo_object
Name
java-21-openjdk-slowdebug

java-21-openjdk-src is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738018 of type rpminfo_object
Name
java-21-openjdk-src

java-21-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738018 of type rpminfo_object
Name
java-21-openjdk-src

java-21-openjdk-src-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738019 of type rpminfo_object
Name
java-21-openjdk-src-fastdebug

java-21-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738019 of type rpminfo_object
Name
java-21-openjdk-src-fastdebug

java-21-openjdk-src-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738020 of type rpminfo_object
Name
java-21-openjdk-src-slowdebug

java-21-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738020 of type rpminfo_object
Name
java-21-openjdk-src-slowdebug

java-21-openjdk-static-libs is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738021 of type rpminfo_object
Name
java-21-openjdk-static-libs

java-21-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738021 of type rpminfo_object
Name
java-21-openjdk-static-libs

java-21-openjdk-static-libs-fastdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738022 of type rpminfo_object
Name
java-21-openjdk-static-libs-fastdebug

java-21-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738022 of type rpminfo_object
Name
java-21-openjdk-static-libs-fastdebug

java-21-openjdk-static-libs-slowdebug is earlier than 1:21.0.2.0.13-1.el9  oval:com.redhat.rhsa:tst:20240249045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738023 of type rpminfo_object
Name
java-21-openjdk-static-libs-slowdebug

java-21-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738023 of type rpminfo_object
Name
java-21-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240156
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.26-1.el9_3  oval:com.redhat.rhsa:tst:20240156001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.26-1.el9_3  oval:com.redhat.rhsa:tst:20240156003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.26-1.el9_3  oval:com.redhat.rhsa:tst:20240156005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.26-1.el9_3  oval:com.redhat.rhsa:tst:20240156007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.26-1.el9_3  oval:com.redhat.rhsa:tst:20240156009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.126-1.el9_3  oval:com.redhat.rhsa:tst:20240156011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.126-1.el9_3  oval:com.redhat.rhsa:tst:20240156013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.26-1.el9_3  oval:com.redhat.rhsa:tst:20240156015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.126-1.el9_3  oval:com.redhat.rhsa:tst:20240156017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240152
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-8.0 is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253001 of type rpminfo_object
Name
aspnetcore-runtime-8.0

aspnetcore-runtime-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253001 of type rpminfo_object
Name
aspnetcore-runtime-8.0

aspnetcore-targeting-pack-8.0 is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253002 of type rpminfo_object
Name
aspnetcore-targeting-pack-8.0

aspnetcore-targeting-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253002 of type rpminfo_object
Name
aspnetcore-targeting-pack-8.0

dotnet-apphost-pack-8.0 is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253003 of type rpminfo_object
Name
dotnet-apphost-pack-8.0

dotnet-apphost-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253003 of type rpminfo_object
Name
dotnet-apphost-pack-8.0

dotnet-host is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-8.0 is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253005 of type rpminfo_object
Name
dotnet-hostfxr-8.0

dotnet-hostfxr-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253005 of type rpminfo_object
Name
dotnet-hostfxr-8.0

dotnet-runtime-8.0 is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253006 of type rpminfo_object
Name
dotnet-runtime-8.0

dotnet-runtime-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253006 of type rpminfo_object
Name
dotnet-runtime-8.0

dotnet-sdk-8.0 is earlier than 0:8.0.101-1.el9_3  oval:com.redhat.rhsa:tst:20240152013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253007 of type rpminfo_object
Name
dotnet-sdk-8.0

dotnet-sdk-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253007 of type rpminfo_object
Name
dotnet-sdk-8.0

dotnet-sdk-8.0-source-built-artifacts is earlier than 0:8.0.101-1.el9_3  oval:com.redhat.rhsa:tst:20240152015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253008 of type rpminfo_object
Name
dotnet-sdk-8.0-source-built-artifacts

dotnet-sdk-8.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253008 of type rpminfo_object
Name
dotnet-sdk-8.0-source-built-artifacts

dotnet-targeting-pack-8.0 is earlier than 0:8.0.1-1.el9_3  oval:com.redhat.rhsa:tst:20240152017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253009 of type rpminfo_object
Name
dotnet-targeting-pack-8.0

dotnet-targeting-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253009 of type rpminfo_object
Name
dotnet-targeting-pack-8.0

dotnet-templates-8.0 is earlier than 0:8.0.101-1.el9_3  oval:com.redhat.rhsa:tst:20240152019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253010 of type rpminfo_object
Name
dotnet-templates-8.0

dotnet-templates-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253010 of type rpminfo_object
Name
dotnet-templates-8.0

netstandard-targeting-pack-2.1 is earlier than 0:8.0.101-1.el9_3  oval:com.redhat.rhsa:tst:20240152021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240151
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.15-1.el9_3  oval:com.redhat.rhsa:tst:20240151001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.15-1.el9_3  oval:com.redhat.rhsa:tst:20240151003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.15-1.el9_3  oval:com.redhat.rhsa:tst:20240151005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-hostfxr-7.0 is earlier than 0:7.0.15-1.el9_3  oval:com.redhat.rhsa:tst:20240151007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.15-1.el9_3  oval:com.redhat.rhsa:tst:20240151009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.115-1.el9_3  oval:com.redhat.rhsa:tst:20240151011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.115-1.el9_3  oval:com.redhat.rhsa:tst:20240151013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.15-1.el9_3  oval:com.redhat.rhsa:tst:20240151015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.115-1.el9_3  oval:com.redhat.rhsa:tst:20240151017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240141
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ipa-client is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141001 of type rpminfo_object
Name
ipa-client

ipa-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141001 of type rpminfo_object
Name
ipa-client

ipa-client-common is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141002 of type rpminfo_object
Name
ipa-client-common

ipa-client-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141002 of type rpminfo_object
Name
ipa-client-common

ipa-client-epn is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141003 of type rpminfo_object
Name
ipa-client-epn

ipa-client-epn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141003 of type rpminfo_object
Name
ipa-client-epn

ipa-client-samba is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141004 of type rpminfo_object
Name
ipa-client-samba

ipa-client-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141004 of type rpminfo_object
Name
ipa-client-samba

ipa-common is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141005 of type rpminfo_object
Name
ipa-common

ipa-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141005 of type rpminfo_object
Name
ipa-common

ipa-selinux is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141006 of type rpminfo_object
Name
ipa-selinux

ipa-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141006 of type rpminfo_object
Name
ipa-selinux

ipa-server is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141007 of type rpminfo_object
Name
ipa-server

ipa-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141007 of type rpminfo_object
Name
ipa-server

ipa-server-common is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141008 of type rpminfo_object
Name
ipa-server-common

ipa-server-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141008 of type rpminfo_object
Name
ipa-server-common

ipa-server-dns is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141009 of type rpminfo_object
Name
ipa-server-dns

ipa-server-dns is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141009 of type rpminfo_object
Name
ipa-server-dns

ipa-server-trust-ad is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141010 of type rpminfo_object
Name
ipa-server-trust-ad

ipa-server-trust-ad is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141010 of type rpminfo_object
Name
ipa-server-trust-ad

python3-ipaclient is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141011 of type rpminfo_object
Name
python3-ipaclient

python3-ipaclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141011 of type rpminfo_object
Name
python3-ipaclient

python3-ipalib is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141012 of type rpminfo_object
Name
python3-ipalib

python3-ipalib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141012 of type rpminfo_object
Name
python3-ipalib

python3-ipaserver is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141013 of type rpminfo_object
Name
python3-ipaserver

python3-ipaserver is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141013 of type rpminfo_object
Name
python3-ipaserver

python3-ipatests is earlier than 0:4.10.2-5.el9_3  oval:com.redhat.rhsa:tst:20240141027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141014 of type rpminfo_object
Name
python3-ipatests

python3-ipatests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20240141028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20240141014 of type rpminfo_object
Name
python3-ipatests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240108
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nspr is earlier than 0:4.35.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nspraarch64(none)4.el9_34.35.00:4.35.0-4.el9_3199e2f91fd431d51nspr-0:4.35.0-4.el9_3.aarch64

nspr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nspraarch64(none)4.el9_34.35.00:4.35.0-4.el9_3199e2f91fd431d51nspr-0:4.35.0-4.el9_3.aarch64

nspr-devel is earlier than 0:4.35.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368002 of type rpminfo_object
Name
nspr-devel

nspr-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368002 of type rpminfo_object
Name
nspr-devel

nss is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nssaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-0:3.90.0-4.el9_3.aarch64

nss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nssaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-0:3.90.0-4.el9_3.aarch64

nss-devel is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368004 of type rpminfo_object
Name
nss-devel

nss-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368004 of type rpminfo_object
Name
nss-devel

nss-softokn is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softoknaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-0:3.90.0-4.el9_3.aarch64

nss-softokn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softoknaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-0:3.90.0-4.el9_3.aarch64

nss-softokn-devel is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368006 of type rpminfo_object
Name
nss-softokn-devel

nss-softokn-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368006 of type rpminfo_object
Name
nss-softokn-devel

nss-softokn-freebl is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softokn-freeblaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-freebl-0:3.90.0-4.el9_3.aarch64

nss-softokn-freebl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softokn-freeblaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-freebl-0:3.90.0-4.el9_3.aarch64

nss-softokn-freebl-devel is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368008 of type rpminfo_object
Name
nss-softokn-freebl-devel

nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368008 of type rpminfo_object
Name
nss-softokn-freebl-devel

nss-sysinit is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-sysinitaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-sysinit-0:3.90.0-4.el9_3.aarch64

nss-sysinit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-sysinitaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-sysinit-0:3.90.0-4.el9_3.aarch64

nss-tools is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368010 of type rpminfo_object
Name
nss-tools

nss-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368010 of type rpminfo_object
Name
nss-tools

nss-util is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-utilaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-util-0:3.90.0-4.el9_3.aarch64

nss-util is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-utilaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-util-0:3.90.0-4.el9_3.aarch64

nss-util-devel is earlier than 0:3.90.0-4.el9_3  oval:com.redhat.rhsa:tst:20240108023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368012 of type rpminfo_object
Name
nss-util-devel

nss-util-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368012 of type rpminfo_object
Name
nss-util-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240071
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

squid is earlier than 7:5.5-6.el9_3.5  oval:com.redhat.rhsa:tst:20240071001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid

squid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225527002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240025
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:115.6.0-1.el9_3  oval:com.redhat.rhsa:tst:20240025001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:115.6.0-1.el9_3  oval:com.redhat.rhsa:tst:20240025003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240010
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tigervnc is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc-icons is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-icons is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-license is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-selinux is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-server is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server-minimal is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-module is earlier than 0:1.13.1-3.el9_3.3  oval:com.redhat.rhsa:tst:20240010013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module

tigervnc-server-module is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20240001
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:115.6.0-1.el9_3  oval:com.redhat.rhsa:tst:20240001001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237879
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

opensc is earlier than 0:0.23.0-3.el9_3  oval:com.redhat.rhsa:tst:20237879001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236587001 of type rpminfo_object
Name
opensc

opensc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236587001 of type rpminfo_object
Name
opensc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237791
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gstreamer1-plugins-bad-free is earlier than 0:1.22.1-2.el9_3  oval:com.redhat.rhsa:tst:20237791001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gstreamer1-plugins-bad-freeaarch64(none)2.el9_31.22.10:1.22.1-2.el9_3199e2f91fd431d51gstreamer1-plugins-bad-free-0:1.22.1-2.el9_3.aarch64

gstreamer1-plugins-bad-free is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237791002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gstreamer1-plugins-bad-freeaarch64(none)2.el9_31.22.10:1.22.1-2.el9_3199e2f91fd431d51gstreamer1-plugins-bad-free-0:1.22.1-2.el9_3.aarch64

gstreamer1-plugins-bad-free-devel is earlier than 0:1.22.1-2.el9_3  oval:com.redhat.rhsa:tst:20237791003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237791002 of type rpminfo_object
Name
gstreamer1-plugins-bad-free-devel

gstreamer1-plugins-bad-free-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237791004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237791002 of type rpminfo_object
Name
gstreamer1-plugins-bad-free-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237785
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module postgresql:15 is enabled  oval:com.redhat.rhsa:tst:20234327037  true

Following items have been found on the system:
PathContent
/etc/dnf/modules.d/postgresql.module[postgresql] name=postgresql stream=15 profiles=server state=enabled

pg_repack is earlier than 0:1.4.8-1.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327001 of type rpminfo_object
Name
pg_repack

pg_repack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327001 of type rpminfo_object
Name
pg_repack

pgaudit is earlier than 0:1.7.0-1.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327002 of type rpminfo_object
Name
pgaudit

pgaudit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327002 of type rpminfo_object
Name
pgaudit

postgres-decoderbufs is earlier than 0:1.9.7-1.Final.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327003 of type rpminfo_object
Name
postgres-decoderbufs

postgres-decoderbufs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327003 of type rpminfo_object
Name
postgres-decoderbufs

postgresql is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785023  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test-rpm-macros is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327016 of type rpminfo_object
Name
postgresql-test-rpm-macros

postgresql-test-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327016 of type rpminfo_object
Name
postgresql-test-rpm-macros

postgresql-upgrade is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9  oval:com.redhat.rhsa:tst:20237785035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237784
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-upgrade is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:13.13-1.el9_3  oval:com.redhat.rhsa:tst:20237784027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237766
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

containernetworking-plugins is earlier than 1:1.3.0-6.el9_3  oval:com.redhat.rhsa:tst:20237766001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
containernetworking-pluginsaarch6416.el9_31.3.01:1.3.0-6.el9_3199e2f91fd431d51containernetworking-plugins-1:1.3.0-6.el9_3.aarch64

containernetworking-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232367002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
containernetworking-pluginsaarch6416.el9_31.3.01:1.3.0-6.el9_3199e2f91fd431d51containernetworking-plugins-1:1.3.0-6.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237765
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

podman is earlier than 2:4.6.1-7.el9_3  oval:com.redhat.rhsa:tst:20237765001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman-docker is earlier than 2:4.6.1-7.el9_3  oval:com.redhat.rhsa:tst:20237765003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-docker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-gvproxy is earlier than 2:4.6.1-7.el9_3  oval:com.redhat.rhsa:tst:20237765005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-gvproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-plugins is earlier than 2:4.6.1-7.el9_3  oval:com.redhat.rhsa:tst:20237765007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-remote is earlier than 2:4.6.1-7.el9_3  oval:com.redhat.rhsa:tst:20237765009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-tests is earlier than 2:4.6.1-7.el9_3  oval:com.redhat.rhsa:tst:20237765011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests

podman-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237764
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

buildah is earlier than 1:1.31.3-2.el9_3  oval:com.redhat.rhsa:tst:20237764001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah-tests is earlier than 1:1.31.3-2.el9_3  oval:com.redhat.rhsa:tst:20237764003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests

buildah-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237763
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

runc is earlier than 4:1.1.9-2.el9_3  oval:com.redhat.rhsa:tst:20237763001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc

runc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228090002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237762
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

skopeo is earlier than 2:1.13.3-3.el9_3  oval:com.redhat.rhsa:tst:20237762001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo-tests is earlier than 2:1.13.3-3.el9_3  oval:com.redhat.rhsa:tst:20237762003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests

skopeo-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237754
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pixman is earlier than 0:0.40.0-6.el9_3  oval:com.redhat.rhsa:tst:20237754001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pixmanaarch64(none)6.el9_30.40.00:0.40.0-6.el9_3199e2f91fd431d51pixman-0:0.40.0-6.el9_3.aarch64

pixman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237754002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pixmanaarch64(none)6.el9_30.40.00:0.40.0-6.el9_3199e2f91fd431d51pixman-0:0.40.0-6.el9_3.aarch64

pixman-devel is earlier than 0:0.40.0-6.el9_3  oval:com.redhat.rhsa:tst:20237754003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237754002 of type rpminfo_object
Name
pixman-devel

pixman-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237754004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237754002 of type rpminfo_object
Name
pixman-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237753
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

fence-agents-aliyun is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161001 of type rpminfo_object
Name
fence-agents-aliyun

fence-agents-aliyun is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161001 of type rpminfo_object
Name
fence-agents-aliyun

fence-agents-all is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161002 of type rpminfo_object
Name
fence-agents-all

fence-agents-all is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161002 of type rpminfo_object
Name
fence-agents-all

fence-agents-amt-ws is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161003 of type rpminfo_object
Name
fence-agents-amt-ws

fence-agents-amt-ws is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161003 of type rpminfo_object
Name
fence-agents-amt-ws

fence-agents-apc is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161004 of type rpminfo_object
Name
fence-agents-apc

fence-agents-apc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161004 of type rpminfo_object
Name
fence-agents-apc

fence-agents-apc-snmp is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161005 of type rpminfo_object
Name
fence-agents-apc-snmp

fence-agents-apc-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161005 of type rpminfo_object
Name
fence-agents-apc-snmp

fence-agents-aws is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161006 of type rpminfo_object
Name
fence-agents-aws

fence-agents-aws is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161006 of type rpminfo_object
Name
fence-agents-aws

fence-agents-azure-arm is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161007 of type rpminfo_object
Name
fence-agents-azure-arm

fence-agents-azure-arm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161007 of type rpminfo_object
Name
fence-agents-azure-arm

fence-agents-bladecenter is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161008 of type rpminfo_object
Name
fence-agents-bladecenter

fence-agents-bladecenter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161008 of type rpminfo_object
Name
fence-agents-bladecenter

fence-agents-brocade is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161009 of type rpminfo_object
Name
fence-agents-brocade

fence-agents-brocade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161009 of type rpminfo_object
Name
fence-agents-brocade

fence-agents-cisco-mds is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161010 of type rpminfo_object
Name
fence-agents-cisco-mds

fence-agents-cisco-mds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161010 of type rpminfo_object
Name
fence-agents-cisco-mds

fence-agents-cisco-ucs is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161011 of type rpminfo_object
Name
fence-agents-cisco-ucs

fence-agents-cisco-ucs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161011 of type rpminfo_object
Name
fence-agents-cisco-ucs

fence-agents-common is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161012 of type rpminfo_object
Name
fence-agents-common

fence-agents-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161012 of type rpminfo_object
Name
fence-agents-common

fence-agents-compute is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161013 of type rpminfo_object
Name
fence-agents-compute

fence-agents-compute is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161013 of type rpminfo_object
Name
fence-agents-compute

fence-agents-drac5 is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161014 of type rpminfo_object
Name
fence-agents-drac5

fence-agents-drac5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161014 of type rpminfo_object
Name
fence-agents-drac5

fence-agents-eaton-snmp is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161015 of type rpminfo_object
Name
fence-agents-eaton-snmp

fence-agents-eaton-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161015 of type rpminfo_object
Name
fence-agents-eaton-snmp

fence-agents-emerson is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161016 of type rpminfo_object
Name
fence-agents-emerson

fence-agents-emerson is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161016 of type rpminfo_object
Name
fence-agents-emerson

fence-agents-eps is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161017 of type rpminfo_object
Name
fence-agents-eps

fence-agents-eps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161017 of type rpminfo_object
Name
fence-agents-eps

fence-agents-gce is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161018 of type rpminfo_object
Name
fence-agents-gce

fence-agents-gce is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161018 of type rpminfo_object
Name
fence-agents-gce

fence-agents-heuristics-ping is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161019 of type rpminfo_object
Name
fence-agents-heuristics-ping

fence-agents-heuristics-ping is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161019 of type rpminfo_object
Name
fence-agents-heuristics-ping

fence-agents-hpblade is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161020 of type rpminfo_object
Name
fence-agents-hpblade

fence-agents-hpblade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161020 of type rpminfo_object
Name
fence-agents-hpblade

fence-agents-ibm-powervs is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161021 of type rpminfo_object
Name
fence-agents-ibm-powervs

fence-agents-ibm-powervs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161021 of type rpminfo_object
Name
fence-agents-ibm-powervs

fence-agents-ibm-vpc is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161022 of type rpminfo_object
Name
fence-agents-ibm-vpc

fence-agents-ibm-vpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161022 of type rpminfo_object
Name
fence-agents-ibm-vpc

fence-agents-ibmblade is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161023 of type rpminfo_object
Name
fence-agents-ibmblade

fence-agents-ibmblade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161023 of type rpminfo_object
Name
fence-agents-ibmblade

fence-agents-ifmib is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161024 of type rpminfo_object
Name
fence-agents-ifmib

fence-agents-ifmib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161024 of type rpminfo_object
Name
fence-agents-ifmib

fence-agents-ilo-moonshot is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161025 of type rpminfo_object
Name
fence-agents-ilo-moonshot

fence-agents-ilo-moonshot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161025 of type rpminfo_object
Name
fence-agents-ilo-moonshot

fence-agents-ilo-mp is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161026 of type rpminfo_object
Name
fence-agents-ilo-mp

fence-agents-ilo-mp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161026 of type rpminfo_object
Name
fence-agents-ilo-mp

fence-agents-ilo-ssh is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161027 of type rpminfo_object
Name
fence-agents-ilo-ssh

fence-agents-ilo-ssh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161027 of type rpminfo_object
Name
fence-agents-ilo-ssh

fence-agents-ilo2 is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161028 of type rpminfo_object
Name
fence-agents-ilo2

fence-agents-ilo2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161028 of type rpminfo_object
Name
fence-agents-ilo2

fence-agents-intelmodular is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161029 of type rpminfo_object
Name
fence-agents-intelmodular

fence-agents-intelmodular is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161029 of type rpminfo_object
Name
fence-agents-intelmodular

fence-agents-ipdu is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161030 of type rpminfo_object
Name
fence-agents-ipdu

fence-agents-ipdu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161060  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161030 of type rpminfo_object
Name
fence-agents-ipdu

fence-agents-ipmilan is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161031 of type rpminfo_object
Name
fence-agents-ipmilan

fence-agents-ipmilan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161062  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161031 of type rpminfo_object
Name
fence-agents-ipmilan

fence-agents-kdump is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161032 of type rpminfo_object
Name
fence-agents-kdump

fence-agents-kdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161064  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161032 of type rpminfo_object
Name
fence-agents-kdump

fence-agents-kubevirt is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161033 of type rpminfo_object
Name
fence-agents-kubevirt

fence-agents-kubevirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161066  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161033 of type rpminfo_object
Name
fence-agents-kubevirt

fence-agents-lpar is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161034 of type rpminfo_object
Name
fence-agents-lpar

fence-agents-lpar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161068  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161034 of type rpminfo_object
Name
fence-agents-lpar

fence-agents-mpath is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161035 of type rpminfo_object
Name
fence-agents-mpath

fence-agents-mpath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161070  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161035 of type rpminfo_object
Name
fence-agents-mpath

fence-agents-openstack is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161036 of type rpminfo_object
Name
fence-agents-openstack

fence-agents-openstack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161072  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161036 of type rpminfo_object
Name
fence-agents-openstack

fence-agents-redfish is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161037 of type rpminfo_object
Name
fence-agents-redfish

fence-agents-redfish is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161074  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161037 of type rpminfo_object
Name
fence-agents-redfish

fence-agents-rhevm is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161038 of type rpminfo_object
Name
fence-agents-rhevm

fence-agents-rhevm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161038 of type rpminfo_object
Name
fence-agents-rhevm

fence-agents-rsa is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161039 of type rpminfo_object
Name
fence-agents-rsa

fence-agents-rsa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161078  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161039 of type rpminfo_object
Name
fence-agents-rsa

fence-agents-rsb is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161040 of type rpminfo_object
Name
fence-agents-rsb

fence-agents-rsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161080  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161040 of type rpminfo_object
Name
fence-agents-rsb

fence-agents-sbd is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161041 of type rpminfo_object
Name
fence-agents-sbd

fence-agents-sbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161082  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161041 of type rpminfo_object
Name
fence-agents-sbd

fence-agents-scsi is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161042 of type rpminfo_object
Name
fence-agents-scsi

fence-agents-scsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161084  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161042 of type rpminfo_object
Name
fence-agents-scsi

fence-agents-virsh is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161043 of type rpminfo_object
Name
fence-agents-virsh

fence-agents-virsh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161086  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161043 of type rpminfo_object
Name
fence-agents-virsh

fence-agents-vmware-rest is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161044 of type rpminfo_object
Name
fence-agents-vmware-rest

fence-agents-vmware-rest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161044 of type rpminfo_object
Name
fence-agents-vmware-rest

fence-agents-vmware-soap is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161045 of type rpminfo_object
Name
fence-agents-vmware-soap

fence-agents-vmware-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161090  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161045 of type rpminfo_object
Name
fence-agents-vmware-soap

fence-agents-wti is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161046 of type rpminfo_object
Name
fence-agents-wti

fence-agents-wti is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161046 of type rpminfo_object
Name
fence-agents-wti

fence-agents-zvm is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161047 of type rpminfo_object
Name
fence-agents-zvm

fence-agents-zvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161094  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161047 of type rpminfo_object
Name
fence-agents-zvm

fence-virt is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161048 of type rpminfo_object
Name
fence-virt

fence-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161048 of type rpminfo_object
Name
fence-virt

fence-virtd is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753097  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161049 of type rpminfo_object
Name
fence-virtd

fence-virtd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161049 of type rpminfo_object
Name
fence-virtd

fence-virtd-cpg is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753099  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161050 of type rpminfo_object
Name
fence-virtd-cpg

fence-virtd-cpg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161100  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161050 of type rpminfo_object
Name
fence-virtd-cpg

fence-virtd-libvirt is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753101  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161051 of type rpminfo_object
Name
fence-virtd-libvirt

fence-virtd-libvirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161102  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161051 of type rpminfo_object
Name
fence-virtd-libvirt

fence-virtd-multicast is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753103  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161052 of type rpminfo_object
Name
fence-virtd-multicast

fence-virtd-multicast is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161104  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161052 of type rpminfo_object
Name
fence-virtd-multicast

fence-virtd-serial is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753105  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161053 of type rpminfo_object
Name
fence-virtd-serial

fence-virtd-serial is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161106  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161053 of type rpminfo_object
Name
fence-virtd-serial

fence-virtd-tcp is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753107  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161054 of type rpminfo_object
Name
fence-virtd-tcp

fence-virtd-tcp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161108  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161054 of type rpminfo_object
Name
fence-virtd-tcp

ha-cloud-support is earlier than 0:4.10.0-55.el9_3.2  oval:com.redhat.rhsa:tst:20237753109  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161055 of type rpminfo_object
Name
ha-cloud-support

ha-cloud-support is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161110  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161055 of type rpminfo_object
Name
ha-cloud-support
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237747
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libxml2 is earlier than 0:2.9.13-5.el9_3  oval:com.redhat.rhsa:tst:20237747001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2-devel is earlier than 0:2.9.13-5.el9_3  oval:com.redhat.rhsa:tst:20237747003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

libxml2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

python3-libxml2 is earlier than 0:2.9.13-5.el9_3  oval:com.redhat.rhsa:tst:20237747005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64

python3-libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237734
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-362.8.1.el9_3 is currently running  oval:com.redhat.rhsa:tst:20237734006  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-362.8.1.el9_3 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20237734007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-362.8.1.el9_3  oval:com.redhat.rhsa:tst:20237734001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-362.8.1.el9_3  oval:com.redhat.rhsa:tst:20237734003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734002 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_8_1

kpatch-patch-5_14_0-362_8_1 is earlier than 0:1-1.el9_3  oval:com.redhat.rhsa:tst:20237734004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734002 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_8_1

kpatch-patch-5_14_0-362_8_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237734005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237734002 of type rpminfo_object
Name
kpatch-patch-5_14_0-362_8_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237715
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.40.5-1.el9_3.1  oval:com.redhat.rhsa:tst:20237715001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.40.5-1.el9_3.1  oval:com.redhat.rhsa:tst:20237715003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.40.5-1.el9_3.1  oval:com.redhat.rhsa:tst:20237715005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.40.5-1.el9_3.1  oval:com.redhat.rhsa:tst:20237715007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237712
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tracker-miners is earlier than 0:3.1.2-4.el9_3  oval:com.redhat.rhsa:tst:20237712001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
tracker-minersaarch64(none)4.el9_33.1.20:3.1.2-4.el9_3199e2f91fd431d51tracker-miners-0:3.1.2-4.el9_3.aarch64

tracker-miners is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237712002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
tracker-minersaarch64(none)4.el9_33.1.20:3.1.2-4.el9_3199e2f91fd431d51tracker-miners-0:3.1.2-4.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237711
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

apr is earlier than 0:1.7.0-12.el9_3  oval:com.redhat.rhsa:tst:20237711001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237711001 of type rpminfo_object
Name
apr

apr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237711002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237711001 of type rpminfo_object
Name
apr

apr-devel is earlier than 0:1.7.0-12.el9_3  oval:com.redhat.rhsa:tst:20237711003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237711002 of type rpminfo_object
Name
apr-devel

apr-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237711004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237711002 of type rpminfo_object
Name
apr-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237507
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:115.5.0-1.el9_3  oval:com.redhat.rhsa:tst:20237507001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:115.5.0-1.el9_3  oval:com.redhat.rhsa:tst:20237507003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237501
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:115.5.0-1.el9_3  oval:com.redhat.rhsa:tst:20237501001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237465
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

squid is earlier than 7:5.5-6.el9_3.2  oval:com.redhat.rhsa:tst:20237465001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid

squid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225527002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237277
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

open-vm-tools is earlier than 0:12.2.5-3.el9_3.2  oval:com.redhat.rhsa:tst:20237277001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is earlier than 0:12.2.5-3.el9_3.2  oval:com.redhat.rhsa:tst:20237277003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-salt-minion is earlier than 0:12.2.5-3.el9_3.2  oval:com.redhat.rhsa:tst:20237277005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233948003 of type rpminfo_object
Name
open-vm-tools-salt-minion

open-vm-tools-salt-minion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233948006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233948003 of type rpminfo_object
Name
open-vm-tools-salt-minion

open-vm-tools-sdmp is earlier than 0:12.2.5-3.el9_3.2  oval:com.redhat.rhsa:tst:20237277007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-sdmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-test is earlier than 0:12.2.5-3.el9_3.2  oval:com.redhat.rhsa:tst:20237277009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test

open-vm-tools-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237257
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.25-1.el9_3  oval:com.redhat.rhsa:tst:20237257001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.25-1.el9_3  oval:com.redhat.rhsa:tst:20237257003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.25-1.el9_3  oval:com.redhat.rhsa:tst:20237257005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.25-1.el9_3  oval:com.redhat.rhsa:tst:20237257007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.25-1.el9_3  oval:com.redhat.rhsa:tst:20237257009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.125-1.el9_3  oval:com.redhat.rhsa:tst:20237257011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.125-1.el9_3  oval:com.redhat.rhsa:tst:20237257013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.25-1.el9_3  oval:com.redhat.rhsa:tst:20237257015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.125-1.el9_3  oval:com.redhat.rhsa:tst:20237257017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237255
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.14-1.el9_3  oval:com.redhat.rhsa:tst:20237255001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.14-1.el9_3  oval:com.redhat.rhsa:tst:20237255003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.14-1.el9_3  oval:com.redhat.rhsa:tst:20237255005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-hostfxr-7.0 is earlier than 0:7.0.14-1.el9_3  oval:com.redhat.rhsa:tst:20237255007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.14-1.el9_3  oval:com.redhat.rhsa:tst:20237255009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.114-1.el9_3  oval:com.redhat.rhsa:tst:20237255011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.114-1.el9_3  oval:com.redhat.rhsa:tst:20237255013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.14-1.el9_3  oval:com.redhat.rhsa:tst:20237255015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.114-1.el9_3  oval:com.redhat.rhsa:tst:20237255017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20237253
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-8.0 is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253001 of type rpminfo_object
Name
aspnetcore-runtime-8.0

aspnetcore-runtime-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253001 of type rpminfo_object
Name
aspnetcore-runtime-8.0

aspnetcore-targeting-pack-8.0 is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253002 of type rpminfo_object
Name
aspnetcore-targeting-pack-8.0

aspnetcore-targeting-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253002 of type rpminfo_object
Name
aspnetcore-targeting-pack-8.0

dotnet-apphost-pack-8.0 is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253003 of type rpminfo_object
Name
dotnet-apphost-pack-8.0

dotnet-apphost-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253003 of type rpminfo_object
Name
dotnet-apphost-pack-8.0

dotnet-host is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-8.0 is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253005 of type rpminfo_object
Name
dotnet-hostfxr-8.0

dotnet-hostfxr-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253005 of type rpminfo_object
Name
dotnet-hostfxr-8.0

dotnet-runtime-8.0 is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253006 of type rpminfo_object
Name
dotnet-runtime-8.0

dotnet-runtime-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253006 of type rpminfo_object
Name
dotnet-runtime-8.0

dotnet-sdk-8.0 is earlier than 0:8.0.100-2.el9_3  oval:com.redhat.rhsa:tst:20237253013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253007 of type rpminfo_object
Name
dotnet-sdk-8.0

dotnet-sdk-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253007 of type rpminfo_object
Name
dotnet-sdk-8.0

dotnet-sdk-8.0-source-built-artifacts is earlier than 0:8.0.100-2.el9_3  oval:com.redhat.rhsa:tst:20237253015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253008 of type rpminfo_object
Name
dotnet-sdk-8.0-source-built-artifacts

dotnet-sdk-8.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253008 of type rpminfo_object
Name
dotnet-sdk-8.0-source-built-artifacts

dotnet-targeting-pack-8.0 is earlier than 0:8.0.0-2.el9_3  oval:com.redhat.rhsa:tst:20237253017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253009 of type rpminfo_object
Name
dotnet-targeting-pack-8.0

dotnet-targeting-pack-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253009 of type rpminfo_object
Name
dotnet-targeting-pack-8.0

dotnet-templates-8.0 is earlier than 0:8.0.100-2.el9_3  oval:com.redhat.rhsa:tst:20237253019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253010 of type rpminfo_object
Name
dotnet-templates-8.0

dotnet-templates-8.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20237253020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20237253010 of type rpminfo_object
Name
dotnet-templates-8.0

netstandard-targeting-pack-2.1 is earlier than 0:8.0.100-2.el9_3  oval:com.redhat.rhsa:tst:20237253021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236748
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

squid is earlier than 7:5.5-6.el9_3.1  oval:com.redhat.rhsa:tst:20236748001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid

squid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225527002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236746
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libnghttp2 is earlier than 0:1.43.0-5.el9_3.1  oval:com.redhat.rhsa:tst:20236746001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libnghttp2aarch64(none)5.el9_3.11.43.00:1.43.0-5.el9_3.1199e2f91fd431d51libnghttp2-0:1.43.0-5.el9_3.1.aarch64

libnghttp2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235838002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libnghttp2aarch64(none)5.el9_3.11.43.00:1.43.0-5.el9_3.1199e2f91fd431d51libnghttp2-0:1.43.0-5.el9_3.1.aarch64

libnghttp2-devel is earlier than 0:1.43.0-5.el9_3.1  oval:com.redhat.rhsa:tst:20236746003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838002 of type rpminfo_object
Name
libnghttp2-devel

libnghttp2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235838004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838002 of type rpminfo_object
Name
libnghttp2-devel

nghttp2 is earlier than 0:1.43.0-5.el9_3.1  oval:com.redhat.rhsa:tst:20236746005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838003 of type rpminfo_object
Name
nghttp2

nghttp2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235838006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838003 of type rpminfo_object
Name
nghttp2
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236745
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-26.el9_3.2  oval:com.redhat.rhsa:tst:20236745001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-26.el9_3.2  oval:com.redhat.rhsa:tst:20236745003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-26.el9_3.2  oval:com.redhat.rhsa:tst:20236745005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-26.el9_3.2  oval:com.redhat.rhsa:tst:20236745007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-26.el9_3.2  oval:com.redhat.rhsa:tst:20236745009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236744
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ctdb is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

ctdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

libnetapi is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi-devel is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libnetapi-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libsmbclient is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient-devel is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libsmbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libwbclient is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient-devel is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

libwbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

python3-samba is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba-dc is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-dc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-devel is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-test is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

python3-samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

samba is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba-client is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client-libs is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-client-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-common is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common-libs is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-tools is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-common-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-dc-libs is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dc-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dcerpc is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-dcerpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-devel is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-krb5-printing is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-krb5-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-ldb-ldap-modules is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-ldb-ldap-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-libs is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-pidl is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-pidl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-test is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test-libs is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-test-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-tools is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-usershares is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-usershares is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-vfs-iouring is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-vfs-iouring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-winbind is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind-clients is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-krb5-locator is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-modules is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winbind-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winexe is earlier than 0:4.18.6-101.el9_3  oval:com.redhat.rhsa:tst:20236744067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe

samba-winexe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236738
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-21-openjdk is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738001 of type rpminfo_object
Name
java-21-openjdk

java-21-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738001 of type rpminfo_object
Name
java-21-openjdk

java-21-openjdk-demo is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738002 of type rpminfo_object
Name
java-21-openjdk-demo

java-21-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738002 of type rpminfo_object
Name
java-21-openjdk-demo

java-21-openjdk-demo-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738003 of type rpminfo_object
Name
java-21-openjdk-demo-fastdebug

java-21-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738003 of type rpminfo_object
Name
java-21-openjdk-demo-fastdebug

java-21-openjdk-demo-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738004 of type rpminfo_object
Name
java-21-openjdk-demo-slowdebug

java-21-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738004 of type rpminfo_object
Name
java-21-openjdk-demo-slowdebug

java-21-openjdk-devel is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738005 of type rpminfo_object
Name
java-21-openjdk-devel

java-21-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738005 of type rpminfo_object
Name
java-21-openjdk-devel

java-21-openjdk-devel-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738006 of type rpminfo_object
Name
java-21-openjdk-devel-fastdebug

java-21-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738006 of type rpminfo_object
Name
java-21-openjdk-devel-fastdebug

java-21-openjdk-devel-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738007 of type rpminfo_object
Name
java-21-openjdk-devel-slowdebug

java-21-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738007 of type rpminfo_object
Name
java-21-openjdk-devel-slowdebug

java-21-openjdk-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738008 of type rpminfo_object
Name
java-21-openjdk-fastdebug

java-21-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738008 of type rpminfo_object
Name
java-21-openjdk-fastdebug

java-21-openjdk-headless is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738009 of type rpminfo_object
Name
java-21-openjdk-headless

java-21-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738009 of type rpminfo_object
Name
java-21-openjdk-headless

java-21-openjdk-headless-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738010 of type rpminfo_object
Name
java-21-openjdk-headless-fastdebug

java-21-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738010 of type rpminfo_object
Name
java-21-openjdk-headless-fastdebug

java-21-openjdk-headless-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738011 of type rpminfo_object
Name
java-21-openjdk-headless-slowdebug

java-21-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738011 of type rpminfo_object
Name
java-21-openjdk-headless-slowdebug

java-21-openjdk-javadoc is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738012 of type rpminfo_object
Name
java-21-openjdk-javadoc

java-21-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738012 of type rpminfo_object
Name
java-21-openjdk-javadoc

java-21-openjdk-javadoc-zip is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738013 of type rpminfo_object
Name
java-21-openjdk-javadoc-zip

java-21-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738013 of type rpminfo_object
Name
java-21-openjdk-javadoc-zip

java-21-openjdk-jmods is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738014 of type rpminfo_object
Name
java-21-openjdk-jmods

java-21-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738014 of type rpminfo_object
Name
java-21-openjdk-jmods

java-21-openjdk-jmods-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738015 of type rpminfo_object
Name
java-21-openjdk-jmods-fastdebug

java-21-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738015 of type rpminfo_object
Name
java-21-openjdk-jmods-fastdebug

java-21-openjdk-jmods-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738016 of type rpminfo_object
Name
java-21-openjdk-jmods-slowdebug

java-21-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738016 of type rpminfo_object
Name
java-21-openjdk-jmods-slowdebug

java-21-openjdk-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738017 of type rpminfo_object
Name
java-21-openjdk-slowdebug

java-21-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738017 of type rpminfo_object
Name
java-21-openjdk-slowdebug

java-21-openjdk-src is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738018 of type rpminfo_object
Name
java-21-openjdk-src

java-21-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738018 of type rpminfo_object
Name
java-21-openjdk-src

java-21-openjdk-src-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738019 of type rpminfo_object
Name
java-21-openjdk-src-fastdebug

java-21-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738019 of type rpminfo_object
Name
java-21-openjdk-src-fastdebug

java-21-openjdk-src-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738020 of type rpminfo_object
Name
java-21-openjdk-src-slowdebug

java-21-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738020 of type rpminfo_object
Name
java-21-openjdk-src-slowdebug

java-21-openjdk-static-libs is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738021 of type rpminfo_object
Name
java-21-openjdk-static-libs

java-21-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738021 of type rpminfo_object
Name
java-21-openjdk-static-libs

java-21-openjdk-static-libs-fastdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738022 of type rpminfo_object
Name
java-21-openjdk-static-libs-fastdebug

java-21-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738022 of type rpminfo_object
Name
java-21-openjdk-static-libs-fastdebug

java-21-openjdk-static-libs-slowdebug is earlier than 1:21.0.1.0.12-2.el9  oval:com.redhat.rhsa:tst:20236738045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738023 of type rpminfo_object
Name
java-21-openjdk-static-libs-slowdebug

java-21-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236738046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236738023 of type rpminfo_object
Name
java-21-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236732
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ghostscript is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript-doc is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-tools-dvipdf is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-dvipdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-fonts is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-x11 is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

ghostscript-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

libgs is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs-devel is earlier than 0:9.54.0-14.el9_3  oval:com.redhat.rhsa:tst:20236732015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel

libgs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236712
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-wheel is earlier than 1:0.36.2-8.el9  oval:com.redhat.rhsa:tst:20236712001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236712001 of type rpminfo_object
Name
python3-wheel

python3-wheel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236712002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236712001 of type rpminfo_object
Name
python3-wheel

python3-wheel-wheel is earlier than 1:0.36.2-8.el9  oval:com.redhat.rhsa:tst:20236712003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236712002 of type rpminfo_object
Name
python3-wheel-wheel

python3-wheel-wheel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236712004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236712002 of type rpminfo_object
Name
python3-wheel-wheel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236707
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

avahi is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahiaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-0:0.8-15.el9.aarch64

avahi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahiaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-0:0.8-15.el9.aarch64

avahi-compat-howl is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707002 of type rpminfo_object
Name
avahi-compat-howl

avahi-compat-howl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707002 of type rpminfo_object
Name
avahi-compat-howl

avahi-compat-howl-devel is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707003 of type rpminfo_object
Name
avahi-compat-howl-devel

avahi-compat-howl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707003 of type rpminfo_object
Name
avahi-compat-howl-devel

avahi-compat-libdns_sd is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707004 of type rpminfo_object
Name
avahi-compat-libdns_sd

avahi-compat-libdns_sd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707004 of type rpminfo_object
Name
avahi-compat-libdns_sd

avahi-compat-libdns_sd-devel is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707005 of type rpminfo_object
Name
avahi-compat-libdns_sd-devel

avahi-compat-libdns_sd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707005 of type rpminfo_object
Name
avahi-compat-libdns_sd-devel

avahi-devel is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707006 of type rpminfo_object
Name
avahi-devel

avahi-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707006 of type rpminfo_object
Name
avahi-devel

avahi-glib is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahi-glibaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-glib-0:0.8-15.el9.aarch64

avahi-glib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahi-glibaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-glib-0:0.8-15.el9.aarch64

avahi-glib-devel is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707008 of type rpminfo_object
Name
avahi-glib-devel

avahi-glib-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236707008 of type rpminfo_object
Name
avahi-glib-devel

avahi-libs is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahi-libsaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-libs-0:0.8-15.el9.aarch64

avahi-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahi-libsaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-libs-0:0.8-15.el9.aarch64

avahi-tools is earlier than 0:0.8-15.el9  oval:com.redhat.rhsa:tst:20236707019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahi-toolsaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-tools-0:0.8-15.el9.aarch64

avahi-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236707020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahi-toolsaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-tools-0:0.8-15.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236705
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

procps-ng is earlier than 0:3.3.17-13.el9  oval:com.redhat.rhsa:tst:20236705001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
procps-ngaarch64(none)13.el93.3.170:3.3.17-13.el9199e2f91fd431d51procps-ng-0:3.3.17-13.el9.aarch64

procps-ng is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236705002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
procps-ngaarch64(none)13.el93.3.170:3.3.17-13.el9199e2f91fd431d51procps-ng-0:3.3.17-13.el9.aarch64

procps-ng-devel is earlier than 0:3.3.17-13.el9  oval:com.redhat.rhsa:tst:20236705003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236705002 of type rpminfo_object
Name
procps-ng-devel

procps-ng-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236705004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236705002 of type rpminfo_object
Name
procps-ng-devel

procps-ng-i18n is earlier than 0:3.3.17-13.el9  oval:com.redhat.rhsa:tst:20236705005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236705003 of type rpminfo_object
Name
procps-ng-i18n

procps-ng-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236705006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236705003 of type rpminfo_object
Name
procps-ng-i18n
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236699
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

krb5-devel is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637001 of type rpminfo_object
Name
krb5-devel

krb5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637001 of type rpminfo_object
Name
krb5-devel

krb5-libs is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
krb5-libsaarch64(none)1.el91.21.10:1.21.1-1.el9199e2f91fd431d51krb5-libs-0:1.21.1-1.el9.aarch64

krb5-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
krb5-libsaarch64(none)1.el91.21.10:1.21.1-1.el9199e2f91fd431d51krb5-libs-0:1.21.1-1.el9.aarch64

krb5-pkinit is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637003 of type rpminfo_object
Name
krb5-pkinit

krb5-pkinit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637003 of type rpminfo_object
Name
krb5-pkinit

krb5-server is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637004 of type rpminfo_object
Name
krb5-server

krb5-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637004 of type rpminfo_object
Name
krb5-server

krb5-server-ldap is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637005 of type rpminfo_object
Name
krb5-server-ldap

krb5-server-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637005 of type rpminfo_object
Name
krb5-server-ldap

krb5-workstation is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637006 of type rpminfo_object
Name
krb5-workstation

krb5-workstation is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637006 of type rpminfo_object
Name
krb5-workstation

libkadm5 is earlier than 0:1.21.1-1.el9  oval:com.redhat.rhsa:tst:20236699013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637007 of type rpminfo_object
Name
libkadm5

libkadm5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637007 of type rpminfo_object
Name
libkadm5
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236698
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ncurses is earlier than 0:6.2-10.20210508.el9  oval:com.redhat.rhsa:tst:20236698001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ncursesaarch64(none)10.20210508.el96.20:6.2-10.20210508.el9199e2f91fd431d51ncurses-0:6.2-10.20210508.el9.aarch64

ncurses is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236698002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ncursesaarch64(none)10.20210508.el96.20:6.2-10.20210508.el9199e2f91fd431d51ncurses-0:6.2-10.20210508.el9.aarch64

ncurses-base is earlier than 0:6.2-10.20210508.el9  oval:com.redhat.rhsa:tst:20236698003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ncurses-basenoarch(none)10.20210508.el96.20:6.2-10.20210508.el9199e2f91fd431d51ncurses-base-0:6.2-10.20210508.el9.noarch

ncurses-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236698004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ncurses-basenoarch(none)10.20210508.el96.20:6.2-10.20210508.el9199e2f91fd431d51ncurses-base-0:6.2-10.20210508.el9.noarch

ncurses-c++-libs is earlier than 0:6.2-10.20210508.el9  oval:com.redhat.rhsa:tst:20236698005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236698003 of type rpminfo_object
Name
ncurses-c++-libs

ncurses-c++-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236698006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236698003 of type rpminfo_object
Name
ncurses-c++-libs

ncurses-devel is earlier than 0:6.2-10.20210508.el9  oval:com.redhat.rhsa:tst:20236698007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236698004 of type rpminfo_object
Name
ncurses-devel

ncurses-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236698008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236698004 of type rpminfo_object
Name
ncurses-devel

ncurses-libs is earlier than 0:6.2-10.20210508.el9  oval:com.redhat.rhsa:tst:20236698009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ncurses-libsaarch64(none)10.20210508.el96.20:6.2-10.20210508.el9199e2f91fd431d51ncurses-libs-0:6.2-10.20210508.el9.aarch64

ncurses-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236698010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ncurses-libsaarch64(none)10.20210508.el96.20:6.2-10.20210508.el9199e2f91fd431d51ncurses-libs-0:6.2-10.20210508.el9.aarch64

ncurses-term is earlier than 0:6.2-10.20210508.el9  oval:com.redhat.rhsa:tst:20236698011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236698006 of type rpminfo_object
Name
ncurses-term

ncurses-term is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236698012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236698006 of type rpminfo_object
Name
ncurses-term
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236694
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-pip is earlier than 0:21.2.3-7.el9  oval:com.redhat.rhsa:tst:20236694001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236694001 of type rpminfo_object
Name
python3-pip

python3-pip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236694002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236694001 of type rpminfo_object
Name
python3-pip

python3-pip-wheel is earlier than 0:21.2.3-7.el9  oval:com.redhat.rhsa:tst:20236694003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-pip-wheelnoarch(none)7.el921.2.30:21.2.3-7.el9199e2f91fd431d51python3-pip-wheel-0:21.2.3-7.el9.noarch

python3-pip-wheel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236694004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-pip-wheelnoarch(none)7.el921.2.30:21.2.3-7.el9199e2f91fd431d51python3-pip-wheel-0:21.2.3-7.el9.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236685
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tpm2-tss is earlier than 0:3.2.2-2.el9  oval:com.redhat.rhsa:tst:20236685001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
tpm2-tssaarch64(none)2.el93.2.20:3.2.2-2.el9199e2f91fd431d51tpm2-tss-0:3.2.2-2.el9.aarch64

tpm2-tss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236685002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
tpm2-tssaarch64(none)2.el93.2.20:3.2.2-2.el9199e2f91fd431d51tpm2-tss-0:3.2.2-2.el9.aarch64

tpm2-tss-devel is earlier than 0:3.2.2-2.el9  oval:com.redhat.rhsa:tst:20236685003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236685002 of type rpminfo_object
Name
tpm2-tss-devel

tpm2-tss-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236685004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236685002 of type rpminfo_object
Name
tpm2-tss-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236679
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-26.el9  oval:com.redhat.rhsa:tst:20236679001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-26.el9  oval:com.redhat.rhsa:tst:20236679003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-26.el9  oval:com.redhat.rhsa:tst:20236679005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-26.el9  oval:com.redhat.rhsa:tst:20236679007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-26.el9  oval:com.redhat.rhsa:tst:20236679009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236667
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ctdb is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

ctdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

libnetapi is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi-devel is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libnetapi-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libsmbclient is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient-devel is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libsmbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libwbclient is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient-devel is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

libwbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

python3-samba is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba-dc is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-dc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-devel is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-test is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

python3-samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

samba is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba-client is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client-libs is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-client-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-common is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common-libs is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-tools is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-common-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-dc-libs is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dc-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dcerpc is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-dcerpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-devel is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-krb5-printing is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-krb5-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-ldb-ldap-modules is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-ldb-ldap-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-libs is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-pidl is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-pidl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-test is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test-libs is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-test-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-tools is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-usershares is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-usershares is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-vfs-iouring is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-vfs-iouring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-winbind is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind-clients is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-krb5-locator is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-modules is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winbind-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winexe is earlier than 0:4.18.6-100.el9  oval:com.redhat.rhsa:tst:20236667067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe

samba-winexe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236661
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gmp is earlier than 1:6.2.0-13.el9  oval:com.redhat.rhsa:tst:20236661001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gmpaarch64113.el96.2.01:6.2.0-13.el9199e2f91fd431d51gmp-1:6.2.0-13.el9.aarch64

gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236661002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gmpaarch64113.el96.2.01:6.2.0-13.el9199e2f91fd431d51gmp-1:6.2.0-13.el9.aarch64

gmp-c++ is earlier than 1:6.2.0-13.el9  oval:com.redhat.rhsa:tst:20236661003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236661002 of type rpminfo_object
Name
gmp-c++

gmp-c++ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236661004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236661002 of type rpminfo_object
Name
gmp-c++

gmp-devel is earlier than 1:6.2.0-13.el9  oval:com.redhat.rhsa:tst:20236661005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236661003 of type rpminfo_object
Name
gmp-devel

gmp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236661006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236661003 of type rpminfo_object
Name
gmp-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236659
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.18-1.el9_3  oval:com.redhat.rhsa:tst:20236659015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236643
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libssh is earlier than 0:0.10.4-11.el9  oval:com.redhat.rhsa:tst:20236643001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsshaarch64(none)11.el90.10.40:0.10.4-11.el9199e2f91fd431d51libssh-0:0.10.4-11.el9.aarch64

libssh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236643002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsshaarch64(none)11.el90.10.40:0.10.4-11.el9199e2f91fd431d51libssh-0:0.10.4-11.el9.aarch64

libssh-config is earlier than 0:0.10.4-11.el9  oval:com.redhat.rhsa:tst:20236643003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libssh-confignoarch(none)11.el90.10.40:0.10.4-11.el9199e2f91fd431d51libssh-config-0:0.10.4-11.el9.noarch

libssh-config is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236643004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libssh-confignoarch(none)11.el90.10.40:0.10.4-11.el9199e2f91fd431d51libssh-config-0:0.10.4-11.el9.noarch

libssh-devel is earlier than 0:0.10.4-11.el9  oval:com.redhat.rhsa:tst:20236643005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236643003 of type rpminfo_object
Name
libssh-devel

libssh-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236643006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236643003 of type rpminfo_object
Name
libssh-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236635
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

c-ares is earlier than 0:1.19.1-1.el9  oval:com.redhat.rhsa:tst:20236635001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
c-aresaarch64(none)1.el91.19.10:1.19.1-1.el9199e2f91fd431d51c-ares-0:1.19.1-1.el9.aarch64

c-ares is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233559002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
c-aresaarch64(none)1.el91.19.10:1.19.1-1.el9199e2f91fd431d51c-ares-0:1.19.1-1.el9.aarch64

c-ares-devel is earlier than 0:1.19.1-1.el9  oval:com.redhat.rhsa:tst:20236635003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233559002 of type rpminfo_object
Name
c-ares-devel

c-ares-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233559004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233559002 of type rpminfo_object
Name
c-ares-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236632
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

shadow-utils is earlier than 2:4.9-8.el9  oval:com.redhat.rhsa:tst:20236632001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
shadow-utilsaarch6428.el94.92:4.9-8.el9199e2f91fd431d51shadow-utils-2:4.9-8.el9.aarch64

shadow-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236632002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
shadow-utilsaarch6428.el94.92:4.9-8.el9199e2f91fd431d51shadow-utils-2:4.9-8.el9.aarch64

shadow-utils-subid is earlier than 2:4.9-8.el9  oval:com.redhat.rhsa:tst:20236632003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
shadow-utils-subidaarch6428.el94.92:4.9-8.el9199e2f91fd431d51shadow-utils-subid-2:4.9-8.el9.aarch64

shadow-utils-subid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236632004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
shadow-utils-subidaarch6428.el94.92:4.9-8.el9199e2f91fd431d51shadow-utils-subid-2:4.9-8.el9.aarch64

shadow-utils-subid-devel is earlier than 2:4.9-8.el9  oval:com.redhat.rhsa:tst:20236632005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236632003 of type rpminfo_object
Name
shadow-utils-subid-devel

shadow-utils-subid-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236632006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236632003 of type rpminfo_object
Name
shadow-utils-subid-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236631
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

glib2 is earlier than 0:2.68.4-11.el9  oval:com.redhat.rhsa:tst:20236631001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glib2aarch64(none)11.el92.68.40:2.68.4-11.el9199e2f91fd431d51glib2-0:2.68.4-11.el9.aarch64

glib2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236631002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glib2aarch64(none)11.el92.68.40:2.68.4-11.el9199e2f91fd431d51glib2-0:2.68.4-11.el9.aarch64

glib2-devel is earlier than 0:2.68.4-11.el9  oval:com.redhat.rhsa:tst:20236631003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631002 of type rpminfo_object
Name
glib2-devel

glib2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236631004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631002 of type rpminfo_object
Name
glib2-devel

glib2-doc is earlier than 0:2.68.4-11.el9  oval:com.redhat.rhsa:tst:20236631005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631003 of type rpminfo_object
Name
glib2-doc

glib2-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236631006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631003 of type rpminfo_object
Name
glib2-doc

glib2-static is earlier than 0:2.68.4-11.el9  oval:com.redhat.rhsa:tst:20236631007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631004 of type rpminfo_object
Name
glib2-static

glib2-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236631008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631004 of type rpminfo_object
Name
glib2-static

glib2-tests is earlier than 0:2.68.4-11.el9  oval:com.redhat.rhsa:tst:20236631009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631005 of type rpminfo_object
Name
glib2-tests

glib2-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236631010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236631005 of type rpminfo_object
Name
glib2-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236621
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

protobuf-c is earlier than 0:1.3.3-13.el9  oval:com.redhat.rhsa:tst:20236621001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
protobuf-caarch64(none)13.el91.3.30:1.3.3-13.el9199e2f91fd431d51protobuf-c-0:1.3.3-13.el9.aarch64

protobuf-c is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236621002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
protobuf-caarch64(none)13.el91.3.30:1.3.3-13.el9199e2f91fd431d51protobuf-c-0:1.3.3-13.el9.aarch64

protobuf-c-compiler is earlier than 0:1.3.3-13.el9  oval:com.redhat.rhsa:tst:20236621003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236621002 of type rpminfo_object
Name
protobuf-c-compiler

protobuf-c-compiler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236621004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236621002 of type rpminfo_object
Name
protobuf-c-compiler

protobuf-c-devel is earlier than 0:1.3.3-13.el9  oval:com.redhat.rhsa:tst:20236621005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236621003 of type rpminfo_object
Name
protobuf-c-devel

protobuf-c-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236621006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236621003 of type rpminfo_object
Name
protobuf-c-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236615
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-cryptography is earlier than 0:36.0.1-4.el9  oval:com.redhat.rhsa:tst:20236615001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-cryptographyaarch64(none)4.el936.0.10:36.0.1-4.el9199e2f91fd431d51python3-cryptography-0:36.0.1-4.el9.aarch64

python3-cryptography is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236615002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-cryptographyaarch64(none)4.el936.0.10:36.0.1-4.el9199e2f91fd431d51python3-cryptography-0:36.0.1-4.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236596
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cups is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cupsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-1:2.3.3op2-21.el9.aarch64

cups is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cupsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-1:2.3.3op2-21.el9.aarch64

cups-client is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-clientaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-client-1:2.3.3op2-21.el9.aarch64

cups-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-clientaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-client-1:2.3.3op2-21.el9.aarch64

cups-devel is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990003 of type rpminfo_object
Name
cups-devel

cups-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990003 of type rpminfo_object
Name
cups-devel

cups-filesystem is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filesystemnoarch121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-filesystem-1:2.3.3op2-21.el9.noarch

cups-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filesystemnoarch121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-filesystem-1:2.3.3op2-21.el9.noarch

cups-ipptool is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-ipptoolaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-ipptool-1:2.3.3op2-21.el9.aarch64

cups-ipptool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-ipptoolaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-ipptool-1:2.3.3op2-21.el9.aarch64

cups-libs is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-libsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-libs-1:2.3.3op2-21.el9.aarch64

cups-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-libsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-libs-1:2.3.3op2-21.el9.aarch64

cups-lpd is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990007 of type rpminfo_object
Name
cups-lpd

cups-lpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990007 of type rpminfo_object
Name
cups-lpd

cups-printerapp is earlier than 1:2.3.3op2-21.el9  oval:com.redhat.rhsa:tst:20236596015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990008 of type rpminfo_object
Name
cups-printerapp

cups-printerapp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990008 of type rpminfo_object
Name
cups-printerapp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236595
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

iwl100-firmware is earlier than 0:39.31.5.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl100-firmwarenoarch(none)140.el9_339.31.5.10:39.31.5.1-140.el9_3199e2f91fd431d51iwl100-firmware-0:39.31.5.1-140.el9_3.noarch

iwl100-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl100-firmwarenoarch(none)140.el9_339.31.5.10:39.31.5.1-140.el9_3199e2f91fd431d51iwl100-firmware-0:39.31.5.1-140.el9_3.noarch

iwl1000-firmware is earlier than 1:39.31.5.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl1000-firmwarenoarch1140.el9_339.31.5.11:39.31.5.1-140.el9_3199e2f91fd431d51iwl1000-firmware-1:39.31.5.1-140.el9_3.noarch

iwl1000-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl1000-firmwarenoarch1140.el9_339.31.5.11:39.31.5.1-140.el9_3199e2f91fd431d51iwl1000-firmware-1:39.31.5.1-140.el9_3.noarch

iwl105-firmware is earlier than 0:18.168.6.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl105-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl105-firmware-0:18.168.6.1-140.el9_3.noarch

iwl105-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl105-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl105-firmware-0:18.168.6.1-140.el9_3.noarch

iwl135-firmware is earlier than 0:18.168.6.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl135-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl135-firmware-0:18.168.6.1-140.el9_3.noarch

iwl135-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl135-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl135-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2000-firmware is earlier than 0:18.168.6.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2000-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2000-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2000-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2000-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2000-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2030-firmware is earlier than 0:18.168.6.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2030-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2030-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2030-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2030-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2030-firmware-0:18.168.6.1-140.el9_3.noarch

iwl3160-firmware is earlier than 1:25.30.13.0-140.el9_3  oval:com.redhat.rhsa:tst:20236595013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl3160-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl3160-firmware-1:25.30.13.0-140.el9_3.noarch

iwl3160-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl3160-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl3160-firmware-1:25.30.13.0-140.el9_3.noarch

iwl5000-firmware is earlier than 0:8.83.5.1_1-140.el9_3  oval:com.redhat.rhsa:tst:20236595015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5000-firmwarenoarch(none)140.el9_38.83.5.1_10:8.83.5.1_1-140.el9_3199e2f91fd431d51iwl5000-firmware-0:8.83.5.1_1-140.el9_3.noarch

iwl5000-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5000-firmwarenoarch(none)140.el9_38.83.5.1_10:8.83.5.1_1-140.el9_3199e2f91fd431d51iwl5000-firmware-0:8.83.5.1_1-140.el9_3.noarch

iwl5150-firmware is earlier than 0:8.24.2.2-140.el9_3  oval:com.redhat.rhsa:tst:20236595017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5150-firmwarenoarch(none)140.el9_38.24.2.20:8.24.2.2-140.el9_3199e2f91fd431d51iwl5150-firmware-0:8.24.2.2-140.el9_3.noarch

iwl5150-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5150-firmwarenoarch(none)140.el9_38.24.2.20:8.24.2.2-140.el9_3199e2f91fd431d51iwl5150-firmware-0:8.24.2.2-140.el9_3.noarch

iwl6000g2a-firmware is earlier than 0:18.168.6.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2a-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2a-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6000g2a-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2a-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2a-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6000g2b-firmware is earlier than 0:18.168.6.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2b-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2b-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6000g2b-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2b-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2b-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6050-firmware is earlier than 0:41.28.5.1-140.el9_3  oval:com.redhat.rhsa:tst:20236595023  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6050-firmwarenoarch(none)140.el9_341.28.5.10:41.28.5.1-140.el9_3199e2f91fd431d51iwl6050-firmware-0:41.28.5.1-140.el9_3.noarch

iwl6050-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068024  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6050-firmwarenoarch(none)140.el9_341.28.5.10:41.28.5.1-140.el9_3199e2f91fd431d51iwl6050-firmware-0:41.28.5.1-140.el9_3.noarch

iwl7260-firmware is earlier than 1:25.30.13.0-140.el9_3  oval:com.redhat.rhsa:tst:20236595025  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl7260-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl7260-firmware-1:25.30.13.0-140.el9_3.noarch

iwl7260-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068026  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl7260-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl7260-firmware-1:25.30.13.0-140.el9_3.noarch

libertas-sd8787-firmware is earlier than 0:20230814-140.el9_3  oval:com.redhat.rhsa:tst:20236595027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libertas-sd8787-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51libertas-sd8787-firmware-0:20230814-140.el9_3.noarch

libertas-sd8787-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068028  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libertas-sd8787-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51libertas-sd8787-firmware-0:20230814-140.el9_3.noarch

linux-firmware is earlier than 0:20230814-140.el9_3  oval:com.redhat.rhsa:tst:20236595029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-0:20230814-140.el9_3.noarch

linux-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068030  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-0:20230814-140.el9_3.noarch

linux-firmware-whence is earlier than 0:20230814-140.el9_3  oval:com.redhat.rhsa:tst:20236595031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmware-whencenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-whence-0:20230814-140.el9_3.noarch

linux-firmware-whence is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmware-whencenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-whence-0:20230814-140.el9_3.noarch

netronome-firmware is earlier than 0:20230814-140.el9_3  oval:com.redhat.rhsa:tst:20236595033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
netronome-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51netronome-firmware-0:20230814-140.el9_3.noarch

netronome-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068034  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
netronome-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51netronome-firmware-0:20230814-140.el9_3.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236593
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

binutils is earlier than 0:2.35.2-42.el9  oval:com.redhat.rhsa:tst:20236593001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
binutilsaarch64(none)42.el92.35.20:2.35.2-42.el9199e2f91fd431d51binutils-0:2.35.2-42.el9.aarch64

binutils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236593002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
binutilsaarch64(none)42.el92.35.20:2.35.2-42.el9199e2f91fd431d51binutils-0:2.35.2-42.el9.aarch64

binutils-devel is earlier than 0:2.35.2-42.el9  oval:com.redhat.rhsa:tst:20236593003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236593002 of type rpminfo_object
Name
binutils-devel

binutils-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236593004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236593002 of type rpminfo_object
Name
binutils-devel

binutils-gold is earlier than 0:2.35.2-42.el9  oval:com.redhat.rhsa:tst:20236593005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
binutils-goldaarch64(none)42.el92.35.20:2.35.2-42.el9199e2f91fd431d51binutils-gold-0:2.35.2-42.el9.aarch64

binutils-gold is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236593006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
binutils-goldaarch64(none)42.el92.35.20:2.35.2-42.el9199e2f91fd431d51binutils-gold-0:2.35.2-42.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236587
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

opensc is earlier than 0:0.23.0-2.el9  oval:com.redhat.rhsa:tst:20236587001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236587001 of type rpminfo_object
Name
opensc

opensc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236587001 of type rpminfo_object
Name
opensc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236578
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libqb is earlier than 0:2.0.6-4.el9_3  oval:com.redhat.rhsa:tst:20236578001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236578001 of type rpminfo_object
Name
libqb

libqb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236578002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236578001 of type rpminfo_object
Name
libqb

libqb-devel is earlier than 0:2.0.6-4.el9_3  oval:com.redhat.rhsa:tst:20236578003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236578002 of type rpminfo_object
Name
libqb-devel

libqb-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236578004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236578002 of type rpminfo_object
Name
libqb-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236575
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtiff is earlier than 0:4.4.0-10.el9  oval:com.redhat.rhsa:tst:20236575001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff-devel is earlier than 0:4.4.0-10.el9  oval:com.redhat.rhsa:tst:20236575003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-tools is earlier than 0:4.4.0-10.el9  oval:com.redhat.rhsa:tst:20236575005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools

libtiff-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236570
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tomcat is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929001 of type rpminfo_object
Name
tomcat

tomcat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929001 of type rpminfo_object
Name
tomcat

tomcat-admin-webapps is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929002 of type rpminfo_object
Name
tomcat-admin-webapps

tomcat-admin-webapps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929002 of type rpminfo_object
Name
tomcat-admin-webapps

tomcat-docs-webapp is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929003 of type rpminfo_object
Name
tomcat-docs-webapp

tomcat-docs-webapp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929003 of type rpminfo_object
Name
tomcat-docs-webapp

tomcat-el-3.0-api is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929004 of type rpminfo_object
Name
tomcat-el-3.0-api

tomcat-el-3.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929004 of type rpminfo_object
Name
tomcat-el-3.0-api

tomcat-jsp-2.3-api is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929005 of type rpminfo_object
Name
tomcat-jsp-2.3-api

tomcat-jsp-2.3-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929005 of type rpminfo_object
Name
tomcat-jsp-2.3-api

tomcat-lib is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929006 of type rpminfo_object
Name
tomcat-lib

tomcat-lib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929006 of type rpminfo_object
Name
tomcat-lib

tomcat-servlet-4.0-api is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929007 of type rpminfo_object
Name
tomcat-servlet-4.0-api

tomcat-servlet-4.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929007 of type rpminfo_object
Name
tomcat-servlet-4.0-api

tomcat-webapps is earlier than 1:9.0.62-37.el9_3  oval:com.redhat.rhsa:tst:20236570015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929008 of type rpminfo_object
Name
tomcat-webapps

tomcat-webapps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929008 of type rpminfo_object
Name
tomcat-webapps
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236569
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

sysstat is earlier than 0:12.5.4-7.el9  oval:com.redhat.rhsa:tst:20236569001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232234001 of type rpminfo_object
Name
sysstat

sysstat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232234002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232234001 of type rpminfo_object
Name
sysstat
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236566
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libmicrohttpd is earlier than 1:0.9.72-5.el9  oval:com.redhat.rhsa:tst:20236566001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236566001 of type rpminfo_object
Name
libmicrohttpd

libmicrohttpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236566002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236566001 of type rpminfo_object
Name
libmicrohttpd

libmicrohttpd-devel is earlier than 1:0.9.72-5.el9  oval:com.redhat.rhsa:tst:20236566003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236566002 of type rpminfo_object
Name
libmicrohttpd-devel

libmicrohttpd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236566004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236566002 of type rpminfo_object
Name
libmicrohttpd-devel

libmicrohttpd-doc is earlier than 1:0.9.72-5.el9  oval:com.redhat.rhsa:tst:20236566005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236566003 of type rpminfo_object
Name
libmicrohttpd-doc

libmicrohttpd-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236566006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236566003 of type rpminfo_object
Name
libmicrohttpd-doc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236551
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

yajl is earlier than 0:2.1.0-22.el9  oval:com.redhat.rhsa:tst:20236551001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
yajlaarch64(none)22.el92.1.00:2.1.0-22.el9199e2f91fd431d51yajl-0:2.1.0-22.el9.aarch64

yajl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228252002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
yajlaarch64(none)22.el92.1.00:2.1.0-22.el9199e2f91fd431d51yajl-0:2.1.0-22.el9.aarch64

yajl-devel is earlier than 0:2.1.0-22.el9  oval:com.redhat.rhsa:tst:20236551003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228252002 of type rpminfo_object
Name
yajl-devel

yajl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228252002 of type rpminfo_object
Name
yajl-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236549
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libreswan is earlier than 0:4.12-1.el9  oval:com.redhat.rhsa:tst:20236549001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan

libreswan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232120002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236544
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ghostscript is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript-doc is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-tools-dvipdf is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-dvipdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-fonts is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-x11 is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

ghostscript-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

libgs is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs-devel is earlier than 0:9.54.0-13.el9  oval:com.redhat.rhsa:tst:20236544015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel

libgs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236542
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

perl-HTTP-Tiny is earlier than 0:0.076-461.el9  oval:com.redhat.rhsa:tst:20236542001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-HTTP-Tinynoarch(none)461.el90.0760:0.076-461.el9199e2f91fd431d51perl-HTTP-Tiny-0:0.076-461.el9.noarch

perl-HTTP-Tiny is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236542002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-HTTP-Tinynoarch(none)461.el90.0760:0.076-461.el9199e2f91fd431d51perl-HTTP-Tiny-0:0.076-461.el9.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236539
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

perl-CPAN is earlier than 0:2.29-3.el9  oval:com.redhat.rhsa:tst:20236539001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236539001 of type rpminfo_object
Name
perl-CPAN

perl-CPAN is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236539002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236539001 of type rpminfo_object
Name
perl-CPAN
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236535
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.40.5-1.el9  oval:com.redhat.rhsa:tst:20236535001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.40.5-1.el9  oval:com.redhat.rhsa:tst:20236535003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.40.5-1.el9  oval:com.redhat.rhsa:tst:20236535005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.40.5-1.el9  oval:com.redhat.rhsa:tst:20236535007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236524
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dnsmasq is earlier than 0:2.85-14.el9  oval:com.redhat.rhsa:tst:20236524001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dnsmasqaarch64(none)14.el92.850:2.85-14.el9199e2f91fd431d51dnsmasq-0:2.85-14.el9.aarch64

dnsmasq is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228070002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dnsmasqaarch64(none)14.el92.850:2.85-14.el9199e2f91fd431d51dnsmasq-0:2.85-14.el9.aarch64

dnsmasq-utils is earlier than 0:2.85-14.el9  oval:com.redhat.rhsa:tst:20236524003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228070002 of type rpminfo_object
Name
dnsmasq-utils

dnsmasq-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228070004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228070002 of type rpminfo_object
Name
dnsmasq-utils
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236523
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-tornado is earlier than 0:6.1.0-9.el9  oval:com.redhat.rhsa:tst:20236523001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236523001 of type rpminfo_object
Name
python3-tornado

python3-tornado is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236523002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236523001 of type rpminfo_object
Name
python3-tornado
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236518
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

flatpak is earlier than 0:1.12.8-1.el9  oval:com.redhat.rhsa:tst:20236518001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpakaarch64(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-0:1.12.8-1.el9.aarch64

flatpak is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236518002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpakaarch64(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-0:1.12.8-1.el9.aarch64

flatpak-devel is earlier than 0:1.12.8-1.el9  oval:com.redhat.rhsa:tst:20236518003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236518002 of type rpminfo_object
Name
flatpak-devel

flatpak-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236518004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236518002 of type rpminfo_object
Name
flatpak-devel

flatpak-libs is earlier than 0:1.12.8-1.el9  oval:com.redhat.rhsa:tst:20236518005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpak-libsaarch64(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-libs-0:1.12.8-1.el9.aarch64

flatpak-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236518006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpak-libsaarch64(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-libs-0:1.12.8-1.el9.aarch64

flatpak-selinux is earlier than 0:1.12.8-1.el9  oval:com.redhat.rhsa:tst:20236518007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpak-selinuxnoarch(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-selinux-0:1.12.8-1.el9.noarch

flatpak-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236518008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpak-selinuxnoarch(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-selinux-0:1.12.8-1.el9.noarch

flatpak-session-helper is earlier than 0:1.12.8-1.el9  oval:com.redhat.rhsa:tst:20236518009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpak-session-helperaarch64(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-session-helper-0:1.12.8-1.el9.aarch64

flatpak-session-helper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236518010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flatpak-session-helperaarch64(none)1.el91.12.80:1.12.8-1.el9199e2f91fd431d51flatpak-session-helper-0:1.12.8-1.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236508
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

autocorr-af is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304001 of type rpminfo_object
Name
autocorr-af

autocorr-af is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304001 of type rpminfo_object
Name
autocorr-af

autocorr-bg is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304002 of type rpminfo_object
Name
autocorr-bg

autocorr-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304002 of type rpminfo_object
Name
autocorr-bg

autocorr-ca is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304003 of type rpminfo_object
Name
autocorr-ca

autocorr-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304003 of type rpminfo_object
Name
autocorr-ca

autocorr-cs is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304004 of type rpminfo_object
Name
autocorr-cs

autocorr-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304004 of type rpminfo_object
Name
autocorr-cs

autocorr-da is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304005 of type rpminfo_object
Name
autocorr-da

autocorr-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304005 of type rpminfo_object
Name
autocorr-da

autocorr-de is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304006 of type rpminfo_object
Name
autocorr-de

autocorr-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304006 of type rpminfo_object
Name
autocorr-de

autocorr-dsb is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304007 of type rpminfo_object
Name
autocorr-dsb

autocorr-dsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304007 of type rpminfo_object
Name
autocorr-dsb

autocorr-el is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304008 of type rpminfo_object
Name
autocorr-el

autocorr-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304008 of type rpminfo_object
Name
autocorr-el

autocorr-en is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304009 of type rpminfo_object
Name
autocorr-en

autocorr-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304009 of type rpminfo_object
Name
autocorr-en

autocorr-es is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304010 of type rpminfo_object
Name
autocorr-es

autocorr-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304010 of type rpminfo_object
Name
autocorr-es

autocorr-fa is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304011 of type rpminfo_object
Name
autocorr-fa

autocorr-fa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304011 of type rpminfo_object
Name
autocorr-fa

autocorr-fi is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304012 of type rpminfo_object
Name
autocorr-fi

autocorr-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304012 of type rpminfo_object
Name
autocorr-fi

autocorr-fr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304013 of type rpminfo_object
Name
autocorr-fr

autocorr-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304013 of type rpminfo_object
Name
autocorr-fr

autocorr-ga is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304014 of type rpminfo_object
Name
autocorr-ga

autocorr-ga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304014 of type rpminfo_object
Name
autocorr-ga

autocorr-hr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304015 of type rpminfo_object
Name
autocorr-hr

autocorr-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304015 of type rpminfo_object
Name
autocorr-hr

autocorr-hsb is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304016 of type rpminfo_object
Name
autocorr-hsb

autocorr-hsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304016 of type rpminfo_object
Name
autocorr-hsb

autocorr-hu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304017 of type rpminfo_object
Name
autocorr-hu

autocorr-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304017 of type rpminfo_object
Name
autocorr-hu

autocorr-is is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304018 of type rpminfo_object
Name
autocorr-is

autocorr-is is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304018 of type rpminfo_object
Name
autocorr-is

autocorr-it is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304019 of type rpminfo_object
Name
autocorr-it

autocorr-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304019 of type rpminfo_object
Name
autocorr-it

autocorr-ja is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304020 of type rpminfo_object
Name
autocorr-ja

autocorr-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304020 of type rpminfo_object
Name
autocorr-ja

autocorr-ko is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304021 of type rpminfo_object
Name
autocorr-ko

autocorr-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304021 of type rpminfo_object
Name
autocorr-ko

autocorr-lb is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304022 of type rpminfo_object
Name
autocorr-lb

autocorr-lb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304022 of type rpminfo_object
Name
autocorr-lb

autocorr-lt is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304023 of type rpminfo_object
Name
autocorr-lt

autocorr-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304023 of type rpminfo_object
Name
autocorr-lt

autocorr-mn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304024 of type rpminfo_object
Name
autocorr-mn

autocorr-mn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304024 of type rpminfo_object
Name
autocorr-mn

autocorr-nl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304025 of type rpminfo_object
Name
autocorr-nl

autocorr-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304025 of type rpminfo_object
Name
autocorr-nl

autocorr-pl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304026 of type rpminfo_object
Name
autocorr-pl

autocorr-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304026 of type rpminfo_object
Name
autocorr-pl

autocorr-pt is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304027 of type rpminfo_object
Name
autocorr-pt

autocorr-pt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304027 of type rpminfo_object
Name
autocorr-pt

autocorr-ro is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304028 of type rpminfo_object
Name
autocorr-ro

autocorr-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304028 of type rpminfo_object
Name
autocorr-ro

autocorr-ru is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304029 of type rpminfo_object
Name
autocorr-ru

autocorr-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304029 of type rpminfo_object
Name
autocorr-ru

autocorr-sk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304030 of type rpminfo_object
Name
autocorr-sk

autocorr-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304060  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304030 of type rpminfo_object
Name
autocorr-sk

autocorr-sl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304031 of type rpminfo_object
Name
autocorr-sl

autocorr-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304062  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304031 of type rpminfo_object
Name
autocorr-sl

autocorr-sr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304032 of type rpminfo_object
Name
autocorr-sr

autocorr-sr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304064  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304032 of type rpminfo_object
Name
autocorr-sr

autocorr-sv is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304033 of type rpminfo_object
Name
autocorr-sv

autocorr-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304066  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304033 of type rpminfo_object
Name
autocorr-sv

autocorr-tr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304034 of type rpminfo_object
Name
autocorr-tr

autocorr-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304068  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304034 of type rpminfo_object
Name
autocorr-tr

autocorr-vi is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304035 of type rpminfo_object
Name
autocorr-vi

autocorr-vi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304070  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304035 of type rpminfo_object
Name
autocorr-vi

autocorr-vro is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304036 of type rpminfo_object
Name
autocorr-vro

autocorr-vro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304072  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304036 of type rpminfo_object
Name
autocorr-vro

autocorr-zh is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304037 of type rpminfo_object
Name
autocorr-zh

autocorr-zh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304074  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304037 of type rpminfo_object
Name
autocorr-zh

libreoffice is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236508038 of type rpminfo_object
Name
libreoffice

libreoffice is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236508076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236508038 of type rpminfo_object
Name
libreoffice

libreoffice-base is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304038 of type rpminfo_object
Name
libreoffice-base

libreoffice-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304038 of type rpminfo_object
Name
libreoffice-base

libreoffice-calc is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304039 of type rpminfo_object
Name
libreoffice-calc

libreoffice-calc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304078  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304039 of type rpminfo_object
Name
libreoffice-calc

libreoffice-core is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304040 of type rpminfo_object
Name
libreoffice-core

libreoffice-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304080  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304040 of type rpminfo_object
Name
libreoffice-core

libreoffice-data is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304041 of type rpminfo_object
Name
libreoffice-data

libreoffice-data is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304082  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304041 of type rpminfo_object
Name
libreoffice-data

libreoffice-draw is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304042 of type rpminfo_object
Name
libreoffice-draw

libreoffice-draw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304084  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304042 of type rpminfo_object
Name
libreoffice-draw

libreoffice-emailmerge is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304043 of type rpminfo_object
Name
libreoffice-emailmerge

libreoffice-emailmerge is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304086  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304043 of type rpminfo_object
Name
libreoffice-emailmerge

libreoffice-filters is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304044 of type rpminfo_object
Name
libreoffice-filters

libreoffice-filters is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304044 of type rpminfo_object
Name
libreoffice-filters

libreoffice-gdb-debug-support is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304045 of type rpminfo_object
Name
libreoffice-gdb-debug-support

libreoffice-gdb-debug-support is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304090  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304045 of type rpminfo_object
Name
libreoffice-gdb-debug-support

libreoffice-graphicfilter is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304046 of type rpminfo_object
Name
libreoffice-graphicfilter

libreoffice-graphicfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304046 of type rpminfo_object
Name
libreoffice-graphicfilter

libreoffice-gtk3 is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304047 of type rpminfo_object
Name
libreoffice-gtk3

libreoffice-gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304094  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304047 of type rpminfo_object
Name
libreoffice-gtk3

libreoffice-help-ar is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508097  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304048 of type rpminfo_object
Name
libreoffice-help-ar

libreoffice-help-ar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304048 of type rpminfo_object
Name
libreoffice-help-ar

libreoffice-help-bg is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508099  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304049 of type rpminfo_object
Name
libreoffice-help-bg

libreoffice-help-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304049 of type rpminfo_object
Name
libreoffice-help-bg

libreoffice-help-bn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508101  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304050 of type rpminfo_object
Name
libreoffice-help-bn

libreoffice-help-bn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304100  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304050 of type rpminfo_object
Name
libreoffice-help-bn

libreoffice-help-ca is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508103  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304051 of type rpminfo_object
Name
libreoffice-help-ca

libreoffice-help-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304102  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304051 of type rpminfo_object
Name
libreoffice-help-ca

libreoffice-help-cs is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508105  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304052 of type rpminfo_object
Name
libreoffice-help-cs

libreoffice-help-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304104  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304052 of type rpminfo_object
Name
libreoffice-help-cs

libreoffice-help-da is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508107  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304053 of type rpminfo_object
Name
libreoffice-help-da

libreoffice-help-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304106  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304053 of type rpminfo_object
Name
libreoffice-help-da

libreoffice-help-de is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508109  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304054 of type rpminfo_object
Name
libreoffice-help-de

libreoffice-help-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304108  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304054 of type rpminfo_object
Name
libreoffice-help-de

libreoffice-help-dz is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508111  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304055 of type rpminfo_object
Name
libreoffice-help-dz

libreoffice-help-dz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304110  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304055 of type rpminfo_object
Name
libreoffice-help-dz

libreoffice-help-el is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508113  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304056 of type rpminfo_object
Name
libreoffice-help-el

libreoffice-help-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304112  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304056 of type rpminfo_object
Name
libreoffice-help-el

libreoffice-help-en is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508115  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304057 of type rpminfo_object
Name
libreoffice-help-en

libreoffice-help-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304114  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304057 of type rpminfo_object
Name
libreoffice-help-en

libreoffice-help-eo is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508117  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304058 of type rpminfo_object
Name
libreoffice-help-eo

libreoffice-help-eo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304116  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304058 of type rpminfo_object
Name
libreoffice-help-eo

libreoffice-help-es is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508119  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304059 of type rpminfo_object
Name
libreoffice-help-es

libreoffice-help-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304118  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304059 of type rpminfo_object
Name
libreoffice-help-es

libreoffice-help-et is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508121  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304060 of type rpminfo_object
Name
libreoffice-help-et

libreoffice-help-et is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304120  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304060 of type rpminfo_object
Name
libreoffice-help-et

libreoffice-help-eu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508123  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304061 of type rpminfo_object
Name
libreoffice-help-eu

libreoffice-help-eu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304122  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304061 of type rpminfo_object
Name
libreoffice-help-eu

libreoffice-help-fi is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508125  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304062 of type rpminfo_object
Name
libreoffice-help-fi

libreoffice-help-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304124  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304062 of type rpminfo_object
Name
libreoffice-help-fi

libreoffice-help-fr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508127  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304063 of type rpminfo_object
Name
libreoffice-help-fr

libreoffice-help-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304126  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304063 of type rpminfo_object
Name
libreoffice-help-fr

libreoffice-help-gl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508129  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304064 of type rpminfo_object
Name
libreoffice-help-gl

libreoffice-help-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304128  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304064 of type rpminfo_object
Name
libreoffice-help-gl

libreoffice-help-gu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508131  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304065 of type rpminfo_object
Name
libreoffice-help-gu

libreoffice-help-gu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304130  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304065 of type rpminfo_object
Name
libreoffice-help-gu

libreoffice-help-he is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508133  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304066 of type rpminfo_object
Name
libreoffice-help-he

libreoffice-help-he is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304132  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304066 of type rpminfo_object
Name
libreoffice-help-he

libreoffice-help-hi is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508135  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304067 of type rpminfo_object
Name
libreoffice-help-hi

libreoffice-help-hi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304134  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304067 of type rpminfo_object
Name
libreoffice-help-hi

libreoffice-help-hr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508137  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304068 of type rpminfo_object
Name
libreoffice-help-hr

libreoffice-help-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304136  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304068 of type rpminfo_object
Name
libreoffice-help-hr

libreoffice-help-hu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508139  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304069 of type rpminfo_object
Name
libreoffice-help-hu

libreoffice-help-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304138  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304069 of type rpminfo_object
Name
libreoffice-help-hu

libreoffice-help-id is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508141  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304070 of type rpminfo_object
Name
libreoffice-help-id

libreoffice-help-id is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304140  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304070 of type rpminfo_object
Name
libreoffice-help-id

libreoffice-help-it is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508143  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304071 of type rpminfo_object
Name
libreoffice-help-it

libreoffice-help-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304142  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304071 of type rpminfo_object
Name
libreoffice-help-it

libreoffice-help-ja is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508145  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304072 of type rpminfo_object
Name
libreoffice-help-ja

libreoffice-help-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304144  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304072 of type rpminfo_object
Name
libreoffice-help-ja

libreoffice-help-ko is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508147  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304073 of type rpminfo_object
Name
libreoffice-help-ko

libreoffice-help-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304146  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304073 of type rpminfo_object
Name
libreoffice-help-ko

libreoffice-help-lt is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508149  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304074 of type rpminfo_object
Name
libreoffice-help-lt

libreoffice-help-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304148  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304074 of type rpminfo_object
Name
libreoffice-help-lt

libreoffice-help-lv is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508151  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304075 of type rpminfo_object
Name
libreoffice-help-lv

libreoffice-help-lv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304150  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304075 of type rpminfo_object
Name
libreoffice-help-lv

libreoffice-help-nb is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508153  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304076 of type rpminfo_object
Name
libreoffice-help-nb

libreoffice-help-nb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304152  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304076 of type rpminfo_object
Name
libreoffice-help-nb

libreoffice-help-nl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508155  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304077 of type rpminfo_object
Name
libreoffice-help-nl

libreoffice-help-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304154  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304077 of type rpminfo_object
Name
libreoffice-help-nl

libreoffice-help-nn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508157  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304078 of type rpminfo_object
Name
libreoffice-help-nn

libreoffice-help-nn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304156  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304078 of type rpminfo_object
Name
libreoffice-help-nn

libreoffice-help-pl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508159  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304079 of type rpminfo_object
Name
libreoffice-help-pl

libreoffice-help-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304158  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304079 of type rpminfo_object
Name
libreoffice-help-pl

libreoffice-help-pt-BR is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508161  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304080 of type rpminfo_object
Name
libreoffice-help-pt-BR

libreoffice-help-pt-BR is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304160  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304080 of type rpminfo_object
Name
libreoffice-help-pt-BR

libreoffice-help-pt-PT is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508163  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304081 of type rpminfo_object
Name
libreoffice-help-pt-PT

libreoffice-help-pt-PT is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304162  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304081 of type rpminfo_object
Name
libreoffice-help-pt-PT

libreoffice-help-ro is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508165  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304082 of type rpminfo_object
Name
libreoffice-help-ro

libreoffice-help-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304164  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304082 of type rpminfo_object
Name
libreoffice-help-ro

libreoffice-help-ru is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508167  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304083 of type rpminfo_object
Name
libreoffice-help-ru

libreoffice-help-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304166  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304083 of type rpminfo_object
Name
libreoffice-help-ru

libreoffice-help-si is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508169  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304084 of type rpminfo_object
Name
libreoffice-help-si

libreoffice-help-si is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304168  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304084 of type rpminfo_object
Name
libreoffice-help-si

libreoffice-help-sk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508171  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304085 of type rpminfo_object
Name
libreoffice-help-sk

libreoffice-help-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304170  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304085 of type rpminfo_object
Name
libreoffice-help-sk

libreoffice-help-sl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508173  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304086 of type rpminfo_object
Name
libreoffice-help-sl

libreoffice-help-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304172  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304086 of type rpminfo_object
Name
libreoffice-help-sl

libreoffice-help-sv is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508175  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304087 of type rpminfo_object
Name
libreoffice-help-sv

libreoffice-help-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304174  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304087 of type rpminfo_object
Name
libreoffice-help-sv

libreoffice-help-ta is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508177  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304088 of type rpminfo_object
Name
libreoffice-help-ta

libreoffice-help-ta is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304176  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304088 of type rpminfo_object
Name
libreoffice-help-ta

libreoffice-help-tr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508179  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304089 of type rpminfo_object
Name
libreoffice-help-tr

libreoffice-help-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304178  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304089 of type rpminfo_object
Name
libreoffice-help-tr

libreoffice-help-uk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508181  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304090 of type rpminfo_object
Name
libreoffice-help-uk

libreoffice-help-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304180  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304090 of type rpminfo_object
Name
libreoffice-help-uk

libreoffice-help-zh-Hans is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508183  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304091 of type rpminfo_object
Name
libreoffice-help-zh-Hans

libreoffice-help-zh-Hans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304182  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304091 of type rpminfo_object
Name
libreoffice-help-zh-Hans

libreoffice-help-zh-Hant is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508185  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304092 of type rpminfo_object
Name
libreoffice-help-zh-Hant

libreoffice-help-zh-Hant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304184  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304092 of type rpminfo_object
Name
libreoffice-help-zh-Hant

libreoffice-impress is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508187  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304093 of type rpminfo_object
Name
libreoffice-impress

libreoffice-impress is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304186  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304093 of type rpminfo_object
Name
libreoffice-impress

libreoffice-langpack-af is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508189  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304094 of type rpminfo_object
Name
libreoffice-langpack-af

libreoffice-langpack-af is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304188  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304094 of type rpminfo_object
Name
libreoffice-langpack-af

libreoffice-langpack-ar is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508191  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304095 of type rpminfo_object
Name
libreoffice-langpack-ar

libreoffice-langpack-ar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304190  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304095 of type rpminfo_object
Name
libreoffice-langpack-ar

libreoffice-langpack-as is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508193  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304096 of type rpminfo_object
Name
libreoffice-langpack-as

libreoffice-langpack-as is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304192  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304096 of type rpminfo_object
Name
libreoffice-langpack-as

libreoffice-langpack-bg is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508195  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304097 of type rpminfo_object
Name
libreoffice-langpack-bg

libreoffice-langpack-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304194  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304097 of type rpminfo_object
Name
libreoffice-langpack-bg

libreoffice-langpack-bn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508197  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304098 of type rpminfo_object
Name
libreoffice-langpack-bn

libreoffice-langpack-bn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304196  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304098 of type rpminfo_object
Name
libreoffice-langpack-bn

libreoffice-langpack-br is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508199  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304099 of type rpminfo_object
Name
libreoffice-langpack-br

libreoffice-langpack-br is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304198  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304099 of type rpminfo_object
Name
libreoffice-langpack-br

libreoffice-langpack-ca is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508201  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304100 of type rpminfo_object
Name
libreoffice-langpack-ca

libreoffice-langpack-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304200  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304100 of type rpminfo_object
Name
libreoffice-langpack-ca

libreoffice-langpack-cs is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508203  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304101 of type rpminfo_object
Name
libreoffice-langpack-cs

libreoffice-langpack-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304202  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304101 of type rpminfo_object
Name
libreoffice-langpack-cs

libreoffice-langpack-cy is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508205  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304102 of type rpminfo_object
Name
libreoffice-langpack-cy

libreoffice-langpack-cy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304204  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304102 of type rpminfo_object
Name
libreoffice-langpack-cy

libreoffice-langpack-da is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508207  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304103 of type rpminfo_object
Name
libreoffice-langpack-da

libreoffice-langpack-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304206  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304103 of type rpminfo_object
Name
libreoffice-langpack-da

libreoffice-langpack-de is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508209  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304104 of type rpminfo_object
Name
libreoffice-langpack-de

libreoffice-langpack-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304208  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304104 of type rpminfo_object
Name
libreoffice-langpack-de

libreoffice-langpack-dz is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508211  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304105 of type rpminfo_object
Name
libreoffice-langpack-dz

libreoffice-langpack-dz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304210  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304105 of type rpminfo_object
Name
libreoffice-langpack-dz

libreoffice-langpack-el is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508213  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304106 of type rpminfo_object
Name
libreoffice-langpack-el

libreoffice-langpack-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304212  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304106 of type rpminfo_object
Name
libreoffice-langpack-el

libreoffice-langpack-en is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508215  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304107 of type rpminfo_object
Name
libreoffice-langpack-en

libreoffice-langpack-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304214  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304107 of type rpminfo_object
Name
libreoffice-langpack-en

libreoffice-langpack-eo is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508217  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304108 of type rpminfo_object
Name
libreoffice-langpack-eo

libreoffice-langpack-eo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304216  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304108 of type rpminfo_object
Name
libreoffice-langpack-eo

libreoffice-langpack-es is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508219  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304109 of type rpminfo_object
Name
libreoffice-langpack-es

libreoffice-langpack-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304218  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304109 of type rpminfo_object
Name
libreoffice-langpack-es

libreoffice-langpack-et is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508221  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304110 of type rpminfo_object
Name
libreoffice-langpack-et

libreoffice-langpack-et is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304220  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304110 of type rpminfo_object
Name
libreoffice-langpack-et

libreoffice-langpack-eu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508223  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304111 of type rpminfo_object
Name
libreoffice-langpack-eu

libreoffice-langpack-eu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304222  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304111 of type rpminfo_object
Name
libreoffice-langpack-eu

libreoffice-langpack-fa is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508225  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304112 of type rpminfo_object
Name
libreoffice-langpack-fa

libreoffice-langpack-fa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304224  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304112 of type rpminfo_object
Name
libreoffice-langpack-fa

libreoffice-langpack-fi is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508227  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304113 of type rpminfo_object
Name
libreoffice-langpack-fi

libreoffice-langpack-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304226  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304113 of type rpminfo_object
Name
libreoffice-langpack-fi

libreoffice-langpack-fr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508229  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304114 of type rpminfo_object
Name
libreoffice-langpack-fr

libreoffice-langpack-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304228  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304114 of type rpminfo_object
Name
libreoffice-langpack-fr

libreoffice-langpack-fy is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508231  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304115 of type rpminfo_object
Name
libreoffice-langpack-fy

libreoffice-langpack-fy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304230  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304115 of type rpminfo_object
Name
libreoffice-langpack-fy

libreoffice-langpack-ga is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508233  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304116 of type rpminfo_object
Name
libreoffice-langpack-ga

libreoffice-langpack-ga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304232  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304116 of type rpminfo_object
Name
libreoffice-langpack-ga

libreoffice-langpack-gl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508235  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304117 of type rpminfo_object
Name
libreoffice-langpack-gl

libreoffice-langpack-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304234  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304117 of type rpminfo_object
Name
libreoffice-langpack-gl

libreoffice-langpack-gu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508237  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304118 of type rpminfo_object
Name
libreoffice-langpack-gu

libreoffice-langpack-gu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304236  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304118 of type rpminfo_object
Name
libreoffice-langpack-gu

libreoffice-langpack-he is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508239  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304119 of type rpminfo_object
Name
libreoffice-langpack-he

libreoffice-langpack-he is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304238  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304119 of type rpminfo_object
Name
libreoffice-langpack-he

libreoffice-langpack-hi is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508241  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304120 of type rpminfo_object
Name
libreoffice-langpack-hi

libreoffice-langpack-hi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304240  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304120 of type rpminfo_object
Name
libreoffice-langpack-hi

libreoffice-langpack-hr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508243  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304121 of type rpminfo_object
Name
libreoffice-langpack-hr

libreoffice-langpack-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304242  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304121 of type rpminfo_object
Name
libreoffice-langpack-hr

libreoffice-langpack-hu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508245  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304122 of type rpminfo_object
Name
libreoffice-langpack-hu

libreoffice-langpack-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304244  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304122 of type rpminfo_object
Name
libreoffice-langpack-hu

libreoffice-langpack-id is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508247  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304123 of type rpminfo_object
Name
libreoffice-langpack-id

libreoffice-langpack-id is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304246  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304123 of type rpminfo_object
Name
libreoffice-langpack-id

libreoffice-langpack-it is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508249  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304124 of type rpminfo_object
Name
libreoffice-langpack-it

libreoffice-langpack-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304248  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304124 of type rpminfo_object
Name
libreoffice-langpack-it

libreoffice-langpack-ja is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508251  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304125 of type rpminfo_object
Name
libreoffice-langpack-ja

libreoffice-langpack-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304250  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304125 of type rpminfo_object
Name
libreoffice-langpack-ja

libreoffice-langpack-kk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508253  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304126 of type rpminfo_object
Name
libreoffice-langpack-kk

libreoffice-langpack-kk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304252  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304126 of type rpminfo_object
Name
libreoffice-langpack-kk

libreoffice-langpack-kn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508255  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304127 of type rpminfo_object
Name
libreoffice-langpack-kn

libreoffice-langpack-kn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304254  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304127 of type rpminfo_object
Name
libreoffice-langpack-kn

libreoffice-langpack-ko is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508257  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304128 of type rpminfo_object
Name
libreoffice-langpack-ko

libreoffice-langpack-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304256  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304128 of type rpminfo_object
Name
libreoffice-langpack-ko

libreoffice-langpack-lt is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508259  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304129 of type rpminfo_object
Name
libreoffice-langpack-lt

libreoffice-langpack-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304258  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304129 of type rpminfo_object
Name
libreoffice-langpack-lt

libreoffice-langpack-lv is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508261  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304130 of type rpminfo_object
Name
libreoffice-langpack-lv

libreoffice-langpack-lv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304260  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304130 of type rpminfo_object
Name
libreoffice-langpack-lv

libreoffice-langpack-mai is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508263  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304131 of type rpminfo_object
Name
libreoffice-langpack-mai

libreoffice-langpack-mai is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304262  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304131 of type rpminfo_object
Name
libreoffice-langpack-mai

libreoffice-langpack-ml is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508265  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304132 of type rpminfo_object
Name
libreoffice-langpack-ml

libreoffice-langpack-ml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304264  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304132 of type rpminfo_object
Name
libreoffice-langpack-ml

libreoffice-langpack-mr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508267  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304133 of type rpminfo_object
Name
libreoffice-langpack-mr

libreoffice-langpack-mr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304266  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304133 of type rpminfo_object
Name
libreoffice-langpack-mr

libreoffice-langpack-nb is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508269  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304134 of type rpminfo_object
Name
libreoffice-langpack-nb

libreoffice-langpack-nb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304268  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304134 of type rpminfo_object
Name
libreoffice-langpack-nb

libreoffice-langpack-nl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508271  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304135 of type rpminfo_object
Name
libreoffice-langpack-nl

libreoffice-langpack-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304270  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304135 of type rpminfo_object
Name
libreoffice-langpack-nl

libreoffice-langpack-nn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508273  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304136 of type rpminfo_object
Name
libreoffice-langpack-nn

libreoffice-langpack-nn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304272  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304136 of type rpminfo_object
Name
libreoffice-langpack-nn

libreoffice-langpack-nr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508275  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304137 of type rpminfo_object
Name
libreoffice-langpack-nr

libreoffice-langpack-nr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304274  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304137 of type rpminfo_object
Name
libreoffice-langpack-nr

libreoffice-langpack-nso is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508277  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304138 of type rpminfo_object
Name
libreoffice-langpack-nso

libreoffice-langpack-nso is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304276  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304138 of type rpminfo_object
Name
libreoffice-langpack-nso

libreoffice-langpack-or is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508279  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304139 of type rpminfo_object
Name
libreoffice-langpack-or

libreoffice-langpack-or is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304278  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304139 of type rpminfo_object
Name
libreoffice-langpack-or

libreoffice-langpack-pa is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508281  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304140 of type rpminfo_object
Name
libreoffice-langpack-pa

libreoffice-langpack-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304280  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304140 of type rpminfo_object
Name
libreoffice-langpack-pa

libreoffice-langpack-pl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508283  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304141 of type rpminfo_object
Name
libreoffice-langpack-pl

libreoffice-langpack-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304282  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304141 of type rpminfo_object
Name
libreoffice-langpack-pl

libreoffice-langpack-pt-BR is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508285  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304142 of type rpminfo_object
Name
libreoffice-langpack-pt-BR

libreoffice-langpack-pt-BR is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304284  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304142 of type rpminfo_object
Name
libreoffice-langpack-pt-BR

libreoffice-langpack-pt-PT is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508287  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304143 of type rpminfo_object
Name
libreoffice-langpack-pt-PT

libreoffice-langpack-pt-PT is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304286  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304143 of type rpminfo_object
Name
libreoffice-langpack-pt-PT

libreoffice-langpack-ro is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508289  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304144 of type rpminfo_object
Name
libreoffice-langpack-ro

libreoffice-langpack-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304288  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304144 of type rpminfo_object
Name
libreoffice-langpack-ro

libreoffice-langpack-ru is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508291  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304145 of type rpminfo_object
Name
libreoffice-langpack-ru

libreoffice-langpack-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304290  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304145 of type rpminfo_object
Name
libreoffice-langpack-ru

libreoffice-langpack-si is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508293  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304146 of type rpminfo_object
Name
libreoffice-langpack-si

libreoffice-langpack-si is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304292  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304146 of type rpminfo_object
Name
libreoffice-langpack-si

libreoffice-langpack-sk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508295  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304147 of type rpminfo_object
Name
libreoffice-langpack-sk

libreoffice-langpack-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304294  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304147 of type rpminfo_object
Name
libreoffice-langpack-sk

libreoffice-langpack-sl is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508297  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304148 of type rpminfo_object
Name
libreoffice-langpack-sl

libreoffice-langpack-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304296  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304148 of type rpminfo_object
Name
libreoffice-langpack-sl

libreoffice-langpack-sr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508299  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304149 of type rpminfo_object
Name
libreoffice-langpack-sr

libreoffice-langpack-sr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304298  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304149 of type rpminfo_object
Name
libreoffice-langpack-sr

libreoffice-langpack-ss is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508301  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304150 of type rpminfo_object
Name
libreoffice-langpack-ss

libreoffice-langpack-ss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304300  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304150 of type rpminfo_object
Name
libreoffice-langpack-ss

libreoffice-langpack-st is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508303  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304151 of type rpminfo_object
Name
libreoffice-langpack-st

libreoffice-langpack-st is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304302  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304151 of type rpminfo_object
Name
libreoffice-langpack-st

libreoffice-langpack-sv is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508305  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304152 of type rpminfo_object
Name
libreoffice-langpack-sv

libreoffice-langpack-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304304  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304152 of type rpminfo_object
Name
libreoffice-langpack-sv

libreoffice-langpack-ta is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508307  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304153 of type rpminfo_object
Name
libreoffice-langpack-ta

libreoffice-langpack-ta is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304306  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304153 of type rpminfo_object
Name
libreoffice-langpack-ta

libreoffice-langpack-te is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508309  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304154 of type rpminfo_object
Name
libreoffice-langpack-te

libreoffice-langpack-te is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304308  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304154 of type rpminfo_object
Name
libreoffice-langpack-te

libreoffice-langpack-th is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508311  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304155 of type rpminfo_object
Name
libreoffice-langpack-th

libreoffice-langpack-th is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304310  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304155 of type rpminfo_object
Name
libreoffice-langpack-th

libreoffice-langpack-tn is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508313  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304156 of type rpminfo_object
Name
libreoffice-langpack-tn

libreoffice-langpack-tn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304312  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304156 of type rpminfo_object
Name
libreoffice-langpack-tn

libreoffice-langpack-tr is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508315  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304157 of type rpminfo_object
Name
libreoffice-langpack-tr

libreoffice-langpack-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304314  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304157 of type rpminfo_object
Name
libreoffice-langpack-tr

libreoffice-langpack-ts is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508317  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304158 of type rpminfo_object
Name
libreoffice-langpack-ts

libreoffice-langpack-ts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304316  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304158 of type rpminfo_object
Name
libreoffice-langpack-ts

libreoffice-langpack-uk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508319  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304159 of type rpminfo_object
Name
libreoffice-langpack-uk

libreoffice-langpack-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304318  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304159 of type rpminfo_object
Name
libreoffice-langpack-uk

libreoffice-langpack-ve is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508321  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304160 of type rpminfo_object
Name
libreoffice-langpack-ve

libreoffice-langpack-ve is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304320  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304160 of type rpminfo_object
Name
libreoffice-langpack-ve

libreoffice-langpack-xh is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508323  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304161 of type rpminfo_object
Name
libreoffice-langpack-xh

libreoffice-langpack-xh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304322  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304161 of type rpminfo_object
Name
libreoffice-langpack-xh

libreoffice-langpack-zh-Hans is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508325  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304162 of type rpminfo_object
Name
libreoffice-langpack-zh-Hans

libreoffice-langpack-zh-Hans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304324  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304162 of type rpminfo_object
Name
libreoffice-langpack-zh-Hans

libreoffice-langpack-zh-Hant is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508327  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304163 of type rpminfo_object
Name
libreoffice-langpack-zh-Hant

libreoffice-langpack-zh-Hant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304326  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304163 of type rpminfo_object
Name
libreoffice-langpack-zh-Hant

libreoffice-langpack-zu is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508329  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304164 of type rpminfo_object
Name
libreoffice-langpack-zu

libreoffice-langpack-zu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304328  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304164 of type rpminfo_object
Name
libreoffice-langpack-zu

libreoffice-math is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508331  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304165 of type rpminfo_object
Name
libreoffice-math

libreoffice-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304330  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304165 of type rpminfo_object
Name
libreoffice-math

libreoffice-ogltrans is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508333  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304166 of type rpminfo_object
Name
libreoffice-ogltrans

libreoffice-ogltrans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304332  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304166 of type rpminfo_object
Name
libreoffice-ogltrans

libreoffice-opensymbol-fonts is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508335  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304167 of type rpminfo_object
Name
libreoffice-opensymbol-fonts

libreoffice-opensymbol-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304334  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304167 of type rpminfo_object
Name
libreoffice-opensymbol-fonts

libreoffice-pdfimport is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508337  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304168 of type rpminfo_object
Name
libreoffice-pdfimport

libreoffice-pdfimport is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304336  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304168 of type rpminfo_object
Name
libreoffice-pdfimport

libreoffice-pyuno is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508339  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304169 of type rpminfo_object
Name
libreoffice-pyuno

libreoffice-pyuno is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304338  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304169 of type rpminfo_object
Name
libreoffice-pyuno

libreoffice-sdk is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508341  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304170 of type rpminfo_object
Name
libreoffice-sdk

libreoffice-sdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304340  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304170 of type rpminfo_object
Name
libreoffice-sdk

libreoffice-sdk-doc is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508343  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304171 of type rpminfo_object
Name
libreoffice-sdk-doc

libreoffice-sdk-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304342  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304171 of type rpminfo_object
Name
libreoffice-sdk-doc

libreoffice-ure is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508345  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304172 of type rpminfo_object
Name
libreoffice-ure

libreoffice-ure is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304344  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304172 of type rpminfo_object
Name
libreoffice-ure

libreoffice-ure-common is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508347  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304173 of type rpminfo_object
Name
libreoffice-ure-common

libreoffice-ure-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304346  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304173 of type rpminfo_object
Name
libreoffice-ure-common

libreoffice-wiki-publisher is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508349  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304174 of type rpminfo_object
Name
libreoffice-wiki-publisher

libreoffice-wiki-publisher is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304348  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304174 of type rpminfo_object
Name
libreoffice-wiki-publisher

libreoffice-writer is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508351  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304175 of type rpminfo_object
Name
libreoffice-writer

libreoffice-writer is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304350  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304175 of type rpminfo_object
Name
libreoffice-writer

libreoffice-x11 is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508353  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304176 of type rpminfo_object
Name
libreoffice-x11

libreoffice-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304352  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304176 of type rpminfo_object
Name
libreoffice-x11

libreoffice-xsltfilter is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508355  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304177 of type rpminfo_object
Name
libreoffice-xsltfilter

libreoffice-xsltfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304354  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304177 of type rpminfo_object
Name
libreoffice-xsltfilter

libreofficekit is earlier than 1:7.1.8.1-11.el9  oval:com.redhat.rhsa:tst:20236508357  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304178 of type rpminfo_object
Name
libreofficekit

libreofficekit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304356  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304178 of type rpminfo_object
Name
libreofficekit
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236497
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libX11 is earlier than 0:1.7.0-8.el9  oval:com.redhat.rhsa:tst:20236497001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libX11aarch64(none)8.el91.7.00:1.7.0-8.el9199e2f91fd431d51libX11-0:1.7.0-8.el9.aarch64

libX11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236497002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libX11aarch64(none)8.el91.7.00:1.7.0-8.el9199e2f91fd431d51libX11-0:1.7.0-8.el9.aarch64

libX11-common is earlier than 0:1.7.0-8.el9  oval:com.redhat.rhsa:tst:20236497003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libX11-commonnoarch(none)8.el91.7.00:1.7.0-8.el9199e2f91fd431d51libX11-common-0:1.7.0-8.el9.noarch

libX11-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236497004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libX11-commonnoarch(none)8.el91.7.00:1.7.0-8.el9199e2f91fd431d51libX11-common-0:1.7.0-8.el9.noarch

libX11-devel is earlier than 0:1.7.0-8.el9  oval:com.redhat.rhsa:tst:20236497005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236497003 of type rpminfo_object
Name
libX11-devel

libX11-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236497006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236497003 of type rpminfo_object
Name
libX11-devel

libX11-xcb is earlier than 0:1.7.0-8.el9  oval:com.redhat.rhsa:tst:20236497007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libX11-xcbaarch64(none)8.el91.7.00:1.7.0-8.el9199e2f91fd431d51libX11-xcb-0:1.7.0-8.el9.aarch64

libX11-xcb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236497008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libX11-xcbaarch64(none)8.el91.7.00:1.7.0-8.el9199e2f91fd431d51libX11-xcb-0:1.7.0-8.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236496
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

haproxy is earlier than 0:2.4.22-1.el9  oval:com.redhat.rhsa:tst:20236496001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231696001 of type rpminfo_object
Name
haproxy

haproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231696002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231696001 of type rpminfo_object
Name
haproxy
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236494
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3.11 is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585001 of type rpminfo_object
Name
python3.11

python3.11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585001 of type rpminfo_object
Name
python3.11

python3.11-debug is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585002 of type rpminfo_object
Name
python3.11-debug

python3.11-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585002 of type rpminfo_object
Name
python3.11-debug

python3.11-devel is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585003 of type rpminfo_object
Name
python3.11-devel

python3.11-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585003 of type rpminfo_object
Name
python3.11-devel

python3.11-idle is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585004 of type rpminfo_object
Name
python3.11-idle

python3.11-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585004 of type rpminfo_object
Name
python3.11-idle

python3.11-libs is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585005 of type rpminfo_object
Name
python3.11-libs

python3.11-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585005 of type rpminfo_object
Name
python3.11-libs

python3.11-test is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585006 of type rpminfo_object
Name
python3.11-test

python3.11-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585006 of type rpminfo_object
Name
python3.11-test

python3.11-tkinter is earlier than 0:3.11.5-1.el9_3  oval:com.redhat.rhsa:tst:20236494013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585007 of type rpminfo_object
Name
python3.11-tkinter

python3.11-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585007 of type rpminfo_object
Name
python3.11-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236492
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tang is earlier than 0:14-2.el9  oval:com.redhat.rhsa:tst:20236492001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236492001 of type rpminfo_object
Name
tang

tang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236492002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236492001 of type rpminfo_object
Name
tang
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236482
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

librabbitmq is earlier than 0:0.11.0-7.el9  oval:com.redhat.rhsa:tst:20236482001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236482001 of type rpminfo_object
Name
librabbitmq

librabbitmq is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236482002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236482001 of type rpminfo_object
Name
librabbitmq

librabbitmq-devel is earlier than 0:0.11.0-7.el9  oval:com.redhat.rhsa:tst:20236482003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236482002 of type rpminfo_object
Name
librabbitmq-devel

librabbitmq-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236482004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236482002 of type rpminfo_object
Name
librabbitmq-devel

librabbitmq-tools is earlier than 0:0.11.0-7.el9  oval:com.redhat.rhsa:tst:20236482005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236482003 of type rpminfo_object
Name
librabbitmq-tools

librabbitmq-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236482006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236482003 of type rpminfo_object
Name
librabbitmq-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236474
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

podman is earlier than 2:4.6.1-5.el9  oval:com.redhat.rhsa:tst:20236474001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman-docker is earlier than 2:4.6.1-5.el9  oval:com.redhat.rhsa:tst:20236474003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-docker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-gvproxy is earlier than 2:4.6.1-5.el9  oval:com.redhat.rhsa:tst:20236474005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-gvproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-plugins is earlier than 2:4.6.1-5.el9  oval:com.redhat.rhsa:tst:20236474007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-remote is earlier than 2:4.6.1-5.el9  oval:com.redhat.rhsa:tst:20236474009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-tests is earlier than 2:4.6.1-5.el9  oval:com.redhat.rhsa:tst:20236474011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests

podman-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236473
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

buildah is earlier than 1:1.31.3-1.el9  oval:com.redhat.rhsa:tst:20236473001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah-tests is earlier than 1:1.31.3-1.el9  oval:com.redhat.rhsa:tst:20236473003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests

buildah-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236469
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

wireshark is earlier than 1:3.4.10-6.el9  oval:com.redhat.rhsa:tst:20236469001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373001 of type rpminfo_object
Name
wireshark

wireshark is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232373002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373001 of type rpminfo_object
Name
wireshark

wireshark-cli is earlier than 1:3.4.10-6.el9  oval:com.redhat.rhsa:tst:20236469003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373002 of type rpminfo_object
Name
wireshark-cli

wireshark-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232373004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373002 of type rpminfo_object
Name
wireshark-cli

wireshark-devel is earlier than 1:3.4.10-6.el9  oval:com.redhat.rhsa:tst:20236469005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373003 of type rpminfo_object
Name
wireshark-devel

wireshark-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232373006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373003 of type rpminfo_object
Name
wireshark-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236434
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

frr is earlier than 0:8.3.1-11.el9_3  oval:com.redhat.rhsa:tst:20236434001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228112002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr-selinux is earlier than 0:8.3.1-11.el9_3  oval:com.redhat.rhsa:tst:20236434003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux

frr-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232202004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236431
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libfastjson is earlier than 0:0.99.9-5.el9  oval:com.redhat.rhsa:tst:20236431001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libfastjsonaarch64(none)5.el90.99.90:0.99.9-5.el9199e2f91fd431d51libfastjson-0:0.99.9-5.el9.aarch64

libfastjson is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236431002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libfastjsonaarch64(none)5.el90.99.90:0.99.9-5.el9199e2f91fd431d51libfastjson-0:0.99.9-5.el9.aarch64

libfastjson-devel is earlier than 0:0.99.9-5.el9  oval:com.redhat.rhsa:tst:20236431003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236431002 of type rpminfo_object
Name
libfastjson-devel

libfastjson-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236431004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236431002 of type rpminfo_object
Name
libfastjson-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236429
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libpq is earlier than 0:13.11-1.el9  oval:com.redhat.rhsa:tst:20236429001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libpqaarch64(none)1.el913.110:13.11-1.el9199e2f91fd431d51libpq-0:13.11-1.el9.aarch64

libpq is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236429002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libpqaarch64(none)1.el913.110:13.11-1.el9199e2f91fd431d51libpq-0:13.11-1.el9.aarch64

libpq-devel is earlier than 0:13.11-1.el9  oval:com.redhat.rhsa:tst:20236429003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236429002 of type rpminfo_object
Name
libpq-devel

libpq-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236429004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236429002 of type rpminfo_object
Name
libpq-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236420
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana is earlier than 0:9.2.10-7.el9_3  oval:com.redhat.rhsa:tst:20236420001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana

grafana is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225716002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236409
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libvirt is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003001 of type rpminfo_object
Name
libvirt

libvirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003001 of type rpminfo_object
Name
libvirt

libvirt-client is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003002 of type rpminfo_object
Name
libvirt-client

libvirt-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003002 of type rpminfo_object
Name
libvirt-client

libvirt-client-qemu is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233715003 of type rpminfo_object
Name
libvirt-client-qemu

libvirt-client-qemu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233715006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233715003 of type rpminfo_object
Name
libvirt-client-qemu

libvirt-daemon is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003003 of type rpminfo_object
Name
libvirt-daemon

libvirt-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003003 of type rpminfo_object
Name
libvirt-daemon

libvirt-daemon-common is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409005 of type rpminfo_object
Name
libvirt-daemon-common

libvirt-daemon-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236409010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409005 of type rpminfo_object
Name
libvirt-daemon-common

libvirt-daemon-config-network is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003004 of type rpminfo_object
Name
libvirt-daemon-config-network

libvirt-daemon-config-network is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003004 of type rpminfo_object
Name
libvirt-daemon-config-network

libvirt-daemon-config-nwfilter is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003005 of type rpminfo_object
Name
libvirt-daemon-config-nwfilter

libvirt-daemon-config-nwfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003005 of type rpminfo_object
Name
libvirt-daemon-config-nwfilter

libvirt-daemon-driver-interface is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003006 of type rpminfo_object
Name
libvirt-daemon-driver-interface

libvirt-daemon-driver-interface is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003006 of type rpminfo_object
Name
libvirt-daemon-driver-interface

libvirt-daemon-driver-network is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003007 of type rpminfo_object
Name
libvirt-daemon-driver-network

libvirt-daemon-driver-network is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003007 of type rpminfo_object
Name
libvirt-daemon-driver-network

libvirt-daemon-driver-nodedev is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003008 of type rpminfo_object
Name
libvirt-daemon-driver-nodedev

libvirt-daemon-driver-nodedev is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003008 of type rpminfo_object
Name
libvirt-daemon-driver-nodedev

libvirt-daemon-driver-nwfilter is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003009 of type rpminfo_object
Name
libvirt-daemon-driver-nwfilter

libvirt-daemon-driver-nwfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003009 of type rpminfo_object
Name
libvirt-daemon-driver-nwfilter

libvirt-daemon-driver-qemu is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003010 of type rpminfo_object
Name
libvirt-daemon-driver-qemu

libvirt-daemon-driver-qemu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003010 of type rpminfo_object
Name
libvirt-daemon-driver-qemu

libvirt-daemon-driver-secret is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003011 of type rpminfo_object
Name
libvirt-daemon-driver-secret

libvirt-daemon-driver-secret is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003011 of type rpminfo_object
Name
libvirt-daemon-driver-secret

libvirt-daemon-driver-storage is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003012 of type rpminfo_object
Name
libvirt-daemon-driver-storage

libvirt-daemon-driver-storage is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003012 of type rpminfo_object
Name
libvirt-daemon-driver-storage

libvirt-daemon-driver-storage-core is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003013 of type rpminfo_object
Name
libvirt-daemon-driver-storage-core

libvirt-daemon-driver-storage-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003013 of type rpminfo_object
Name
libvirt-daemon-driver-storage-core

libvirt-daemon-driver-storage-disk is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003014 of type rpminfo_object
Name
libvirt-daemon-driver-storage-disk

libvirt-daemon-driver-storage-disk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003014 of type rpminfo_object
Name
libvirt-daemon-driver-storage-disk

libvirt-daemon-driver-storage-iscsi is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003015 of type rpminfo_object
Name
libvirt-daemon-driver-storage-iscsi

libvirt-daemon-driver-storage-iscsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003015 of type rpminfo_object
Name
libvirt-daemon-driver-storage-iscsi

libvirt-daemon-driver-storage-logical is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003016 of type rpminfo_object
Name
libvirt-daemon-driver-storage-logical

libvirt-daemon-driver-storage-logical is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003016 of type rpminfo_object
Name
libvirt-daemon-driver-storage-logical

libvirt-daemon-driver-storage-mpath is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003017 of type rpminfo_object
Name
libvirt-daemon-driver-storage-mpath

libvirt-daemon-driver-storage-mpath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003017 of type rpminfo_object
Name
libvirt-daemon-driver-storage-mpath

libvirt-daemon-driver-storage-rbd is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003018 of type rpminfo_object
Name
libvirt-daemon-driver-storage-rbd

libvirt-daemon-driver-storage-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003018 of type rpminfo_object
Name
libvirt-daemon-driver-storage-rbd

libvirt-daemon-driver-storage-scsi is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003019 of type rpminfo_object
Name
libvirt-daemon-driver-storage-scsi

libvirt-daemon-driver-storage-scsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003019 of type rpminfo_object
Name
libvirt-daemon-driver-storage-scsi

libvirt-daemon-kvm is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003020 of type rpminfo_object
Name
libvirt-daemon-kvm

libvirt-daemon-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003020 of type rpminfo_object
Name
libvirt-daemon-kvm

libvirt-daemon-lock is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409023 of type rpminfo_object
Name
libvirt-daemon-lock

libvirt-daemon-lock is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236409046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409023 of type rpminfo_object
Name
libvirt-daemon-lock

libvirt-daemon-log is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409024 of type rpminfo_object
Name
libvirt-daemon-log

libvirt-daemon-log is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236409048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409024 of type rpminfo_object
Name
libvirt-daemon-log

libvirt-daemon-plugin-lockd is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409025 of type rpminfo_object
Name
libvirt-daemon-plugin-lockd

libvirt-daemon-plugin-lockd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236409050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409025 of type rpminfo_object
Name
libvirt-daemon-plugin-lockd

libvirt-daemon-plugin-sanlock is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409026 of type rpminfo_object
Name
libvirt-daemon-plugin-sanlock

libvirt-daemon-plugin-sanlock is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236409052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409026 of type rpminfo_object
Name
libvirt-daemon-plugin-sanlock

libvirt-daemon-proxy is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409027 of type rpminfo_object
Name
libvirt-daemon-proxy

libvirt-daemon-proxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236409054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236409027 of type rpminfo_object
Name
libvirt-daemon-proxy

libvirt-devel is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003021 of type rpminfo_object
Name
libvirt-devel

libvirt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003021 of type rpminfo_object
Name
libvirt-devel

libvirt-docs is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003022 of type rpminfo_object
Name
libvirt-docs

libvirt-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003022 of type rpminfo_object
Name
libvirt-docs

libvirt-libs is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003023 of type rpminfo_object
Name
libvirt-libs

libvirt-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003023 of type rpminfo_object
Name
libvirt-libs

libvirt-nss is earlier than 0:9.5.0-7.el9_3  oval:com.redhat.rhsa:tst:20236409061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003025 of type rpminfo_object
Name
libvirt-nss

libvirt-nss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003025 of type rpminfo_object
Name
libvirt-nss
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236403
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

httpd is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd-core is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-devel is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-filesystem is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-manual is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-manual is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-tools is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

httpd-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

mod_ldap is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_lua is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_proxy_html is earlier than 1:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_proxy_html is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_session is earlier than 0:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_session is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_ssl is earlier than 1:2.4.57-5.el9  oval:com.redhat.rhsa:tst:20236403021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl

mod_ssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236402
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

containernetworking-plugins is earlier than 1:1.3.0-4.el9  oval:com.redhat.rhsa:tst:20236402001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
containernetworking-pluginsaarch6416.el9_31.3.01:1.3.0-6.el9_3199e2f91fd431d51containernetworking-plugins-1:1.3.0-6.el9_3.aarch64

containernetworking-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232367002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
containernetworking-pluginsaarch6416.el9_31.3.01:1.3.0-6.el9_3199e2f91fd431d51containernetworking-plugins-1:1.3.0-6.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236385
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

liblouis is earlier than 0:3.16.1-5.el9  oval:com.redhat.rhsa:tst:20236385001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
liblouisaarch64(none)5.el93.16.10:3.16.1-5.el9199e2f91fd431d51liblouis-0:3.16.1-5.el9.aarch64

liblouis is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236385002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
liblouisaarch64(none)5.el93.16.10:3.16.1-5.el9199e2f91fd431d51liblouis-0:3.16.1-5.el9.aarch64

python3-louis is earlier than 0:3.16.1-5.el9  oval:com.redhat.rhsa:tst:20236385003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-louisnoarch(none)5.el93.16.10:3.16.1-5.el9199e2f91fd431d51python3-louis-0:3.16.1-5.el9.noarch

python3-louis is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236385004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-louisnoarch(none)5.el93.16.10:3.16.1-5.el9199e2f91fd431d51python3-louis-0:3.16.1-5.el9.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236380
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

runc is earlier than 4:1.1.9-1.el9  oval:com.redhat.rhsa:tst:20236380001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc

runc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228090002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236372
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gdb is earlier than 0:10.2-11.el9  oval:com.redhat.rhsa:tst:20236372001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372001 of type rpminfo_object
Name
gdb

gdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236372002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372001 of type rpminfo_object
Name
gdb

gdb-doc is earlier than 0:10.2-11.el9  oval:com.redhat.rhsa:tst:20236372003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372002 of type rpminfo_object
Name
gdb-doc

gdb-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236372004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372002 of type rpminfo_object
Name
gdb-doc

gdb-gdbserver is earlier than 0:10.2-11.el9  oval:com.redhat.rhsa:tst:20236372005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372003 of type rpminfo_object
Name
gdb-gdbserver

gdb-gdbserver is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236372006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372003 of type rpminfo_object
Name
gdb-gdbserver

gdb-headless is earlier than 0:10.2-11.el9  oval:com.redhat.rhsa:tst:20236372007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372004 of type rpminfo_object
Name
gdb-headless

gdb-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236372008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372004 of type rpminfo_object
Name
gdb-headless

gdb-minimal is earlier than 0:10.2-11.el9  oval:com.redhat.rhsa:tst:20236372009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372005 of type rpminfo_object
Name
gdb-minimal

gdb-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236372010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236372005 of type rpminfo_object
Name
gdb-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236371
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cloud-init is earlier than 0:23.1.1-11.el9  oval:com.redhat.rhsa:tst:20236371001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236371001 of type rpminfo_object
Name
cloud-init

cloud-init is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236371002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236371001 of type rpminfo_object
Name
cloud-init
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236369
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qt5 is earlier than 0:5.15.9-1.el9  oval:com.redhat.rhsa:tst:20236369001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022001 of type rpminfo_object
Name
qt5

qt5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022001 of type rpminfo_object
Name
qt5

qt5-devel is earlier than 0:5.15.9-1.el9  oval:com.redhat.rhsa:tst:20236369003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022002 of type rpminfo_object
Name
qt5-devel

qt5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022002 of type rpminfo_object
Name
qt5-devel

qt5-rpm-macros is earlier than 0:5.15.9-1.el9  oval:com.redhat.rhsa:tst:20236369005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022003 of type rpminfo_object
Name
qt5-rpm-macros

qt5-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022003 of type rpminfo_object
Name
qt5-rpm-macros

qt5-srpm-macros is earlier than 0:5.15.9-1.el9  oval:com.redhat.rhsa:tst:20236369007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022004 of type rpminfo_object
Name
qt5-srpm-macros

qt5-srpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022004 of type rpminfo_object
Name
qt5-srpm-macros

qt5-qtbase is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369005 of type rpminfo_object
Name
qt5-qtbase

qt5-qtbase is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369005 of type rpminfo_object
Name
qt5-qtbase

qt5-qtbase-common is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369006 of type rpminfo_object
Name
qt5-qtbase-common

qt5-qtbase-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369006 of type rpminfo_object
Name
qt5-qtbase-common

qt5-qtbase-devel is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369007 of type rpminfo_object
Name
qt5-qtbase-devel

qt5-qtbase-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369007 of type rpminfo_object
Name
qt5-qtbase-devel

qt5-qtbase-examples is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369008 of type rpminfo_object
Name
qt5-qtbase-examples

qt5-qtbase-examples is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369008 of type rpminfo_object
Name
qt5-qtbase-examples

qt5-qtbase-gui is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369009 of type rpminfo_object
Name
qt5-qtbase-gui

qt5-qtbase-gui is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369009 of type rpminfo_object
Name
qt5-qtbase-gui

qt5-qtbase-mysql is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369010 of type rpminfo_object
Name
qt5-qtbase-mysql

qt5-qtbase-mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369010 of type rpminfo_object
Name
qt5-qtbase-mysql

qt5-qtbase-odbc is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369011 of type rpminfo_object
Name
qt5-qtbase-odbc

qt5-qtbase-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369011 of type rpminfo_object
Name
qt5-qtbase-odbc

qt5-qtbase-postgresql is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369012 of type rpminfo_object
Name
qt5-qtbase-postgresql

qt5-qtbase-postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369012 of type rpminfo_object
Name
qt5-qtbase-postgresql

qt5-qtbase-private-devel is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369013 of type rpminfo_object
Name
qt5-qtbase-private-devel

qt5-qtbase-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369013 of type rpminfo_object
Name
qt5-qtbase-private-devel

qt5-qtbase-static is earlier than 0:5.15.9-7.el9  oval:com.redhat.rhsa:tst:20236369027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369014 of type rpminfo_object
Name
qt5-qtbase-static

qt5-qtbase-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236369028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236369014 of type rpminfo_object
Name
qt5-qtbase-static
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236368
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qemu-guest-agent is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-guest-agent is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-img is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-img is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-kvm is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm-audio-pa is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-audio-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-block-blkio is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236368005 of type rpminfo_object
Name
qemu-kvm-block-blkio

qemu-kvm-block-blkio is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236368010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236368005 of type rpminfo_object
Name
qemu-kvm-block-blkio

qemu-kvm-block-curl is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-rbd is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-block-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-common is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-core is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-device-display-virtio-gpu is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu-ccw is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-ccw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-pci is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-vga is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-usb-host is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-redirect is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-device-usb-redirect is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-docs is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-tools is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-ui-egl-headless is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-egl-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-opengl is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-kvm-ui-opengl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-pr-helper is earlier than 17:8.0.0-16.el9_3  oval:com.redhat.rhsa:tst:20236368039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper

qemu-pr-helper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236365
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mod_auth_openidc is earlier than 0:2.4.9.4-4.el9  oval:com.redhat.rhsa:tst:20236365001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236365001 of type rpminfo_object
Name
mod_auth_openidc

mod_auth_openidc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236365002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236365001 of type rpminfo_object
Name
mod_auth_openidc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236363
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

skopeo is earlier than 2:1.13.3-1.el9  oval:com.redhat.rhsa:tst:20236363001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo-tests is earlier than 2:1.13.3-1.el9  oval:com.redhat.rhsa:tst:20236363003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests

skopeo-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236346
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

toolbox is earlier than 0:0.0.99.4-6.el9_3  oval:com.redhat.rhsa:tst:20236346001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox-tests is earlier than 0:0.0.99.4-6.el9_3  oval:com.redhat.rhsa:tst:20236346003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests

toolbox-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236343
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

LibRaw is earlier than 0:0.20.2-6.el9  oval:com.redhat.rhsa:tst:20236343001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236343001 of type rpminfo_object
Name
LibRaw

LibRaw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236343002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236343001 of type rpminfo_object
Name
LibRaw

LibRaw-devel is earlier than 0:0.20.2-6.el9  oval:com.redhat.rhsa:tst:20236343003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236343002 of type rpminfo_object
Name
LibRaw-devel

LibRaw-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236343004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236343002 of type rpminfo_object
Name
LibRaw-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236341
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xorg-x11-server-Xwayland is earlier than 0:22.1.9-2.el9  oval:com.redhat.rhsa:tst:20236341001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xwaylandaarch64(none)2.el922.1.90:22.1.9-2.el9199e2f91fd431d51xorg-x11-server-Xwayland-0:22.1.9-2.el9.aarch64

xorg-x11-server-Xwayland is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228222002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xwaylandaarch64(none)2.el922.1.90:22.1.9-2.el9199e2f91fd431d51xorg-x11-server-Xwayland-0:22.1.9-2.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236340
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xorg-x11-server-Xdmx is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221001 of type rpminfo_object
Name
xorg-x11-server-Xdmx

xorg-x11-server-Xdmx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221001 of type rpminfo_object
Name
xorg-x11-server-Xdmx

xorg-x11-server-Xephyr is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221002 of type rpminfo_object
Name
xorg-x11-server-Xephyr

xorg-x11-server-Xephyr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221002 of type rpminfo_object
Name
xorg-x11-server-Xephyr

xorg-x11-server-Xnest is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221003 of type rpminfo_object
Name
xorg-x11-server-Xnest

xorg-x11-server-Xnest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221003 of type rpminfo_object
Name
xorg-x11-server-Xnest

xorg-x11-server-Xorg is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xorgaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-Xorg-0:1.20.11-19.el9.aarch64

xorg-x11-server-Xorg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xorgaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-Xorg-0:1.20.11-19.el9.aarch64

xorg-x11-server-Xvfb is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221005 of type rpminfo_object
Name
xorg-x11-server-Xvfb

xorg-x11-server-Xvfb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221005 of type rpminfo_object
Name
xorg-x11-server-Xvfb

xorg-x11-server-common is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-commonaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-common-0:1.20.11-19.el9.aarch64

xorg-x11-server-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-commonaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-common-0:1.20.11-19.el9.aarch64

xorg-x11-server-devel is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221007 of type rpminfo_object
Name
xorg-x11-server-devel

xorg-x11-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221007 of type rpminfo_object
Name
xorg-x11-server-devel

xorg-x11-server-source is earlier than 0:1.20.11-19.el9  oval:com.redhat.rhsa:tst:20236340015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221008 of type rpminfo_object
Name
xorg-x11-server-source

xorg-x11-server-source is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221008 of type rpminfo_object
Name
xorg-x11-server-source
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236330
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

edk2-aarch64 is earlier than 0:20230524-3.el9  oval:com.redhat.rhsa:tst:20236330001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165001 of type rpminfo_object
Name
edk2-aarch64

edk2-aarch64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165001 of type rpminfo_object
Name
edk2-aarch64

edk2-ovmf is earlier than 0:20230524-3.el9  oval:com.redhat.rhsa:tst:20236330003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165002 of type rpminfo_object
Name
edk2-ovmf

edk2-ovmf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165002 of type rpminfo_object
Name
edk2-ovmf

edk2-tools is earlier than 0:20230524-3.el9  oval:com.redhat.rhsa:tst:20236330005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165003 of type rpminfo_object
Name
edk2-tools

edk2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165003 of type rpminfo_object
Name
edk2-tools

edk2-tools-doc is earlier than 0:20230524-3.el9  oval:com.redhat.rhsa:tst:20236330007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165004 of type rpminfo_object
Name
edk2-tools-doc

edk2-tools-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165004 of type rpminfo_object
Name
edk2-tools-doc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236324
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3.11-pip is earlier than 0:22.3.1-4.el9  oval:com.redhat.rhsa:tst:20236324001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236324001 of type rpminfo_object
Name
python3.11-pip

python3.11-pip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236324002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236324001 of type rpminfo_object
Name
python3.11-pip

python3.11-pip-wheel is earlier than 0:22.3.1-4.el9  oval:com.redhat.rhsa:tst:20236324003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236324002 of type rpminfo_object
Name
python3.11-pip-wheel

python3.11-pip-wheel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236324004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20236324002 of type rpminfo_object
Name
python3.11-pip-wheel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236316
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.6-3.el9  oval:com.redhat.rhsa:tst:20236316001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.6-3.el9  oval:com.redhat.rhsa:tst:20236316003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236282
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

insights-client is earlier than 0:3.2.2-1.el9_2  oval:com.redhat.rhsa:tst:20236282001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
insights-clientnoarch01.el9_33.2.20:3.2.2-1.el9_3199e2f91fd431d51insights-client-0:3.2.2-1.el9_3.noarch

insights-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20236282002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
insights-clientnoarch01.el9_33.2.20:3.2.2-1.el9_3199e2f91fd431d51insights-client-0:3.2.2-1.el9_3.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236266
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

squid is earlier than 7:5.5-5.el9_2.1  oval:com.redhat.rhsa:tst:20236266001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid

squid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225527002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236265
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ghostscript is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript-doc is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-tools-dvipdf is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-dvipdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-fonts is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-x11 is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

ghostscript-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

libgs is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs-devel is earlier than 0:9.54.0-11.el9_2  oval:com.redhat.rhsa:tst:20236265015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel

libgs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236246
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.113-1.el9_2  oval:com.redhat.rhsa:tst:20236246013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.113-1.el9_2  oval:com.redhat.rhsa:tst:20236246015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.13-1.el9_2  oval:com.redhat.rhsa:tst:20236246017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.113-1.el9_2  oval:com.redhat.rhsa:tst:20236246019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.113-1.el9_2  oval:com.redhat.rhsa:tst:20236246021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236242
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.24-1.el9_2  oval:com.redhat.rhsa:tst:20236242001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.24-1.el9_2  oval:com.redhat.rhsa:tst:20236242003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.24-1.el9_2  oval:com.redhat.rhsa:tst:20236242005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.24-1.el9_2  oval:com.redhat.rhsa:tst:20236242007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.24-1.el9_2  oval:com.redhat.rhsa:tst:20236242009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.124-1.el9_2  oval:com.redhat.rhsa:tst:20236242011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.124-1.el9_2  oval:com.redhat.rhsa:tst:20236242013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.24-1.el9_2  oval:com.redhat.rhsa:tst:20236242015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.124-1.el9_2  oval:com.redhat.rhsa:tst:20236242017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236191
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:115.4.1-1.el9_2  oval:com.redhat.rhsa:tst:20236191001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236188
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:115.4.0-1.el9_2  oval:com.redhat.rhsa:tst:20236188001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:115.4.0-1.el9_2  oval:com.redhat.rhsa:tst:20236188003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236167
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libguestfs-winsupport is earlier than 0:9.2-2.el9_2  oval:com.redhat.rhsa:tst:20236167001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232179001 of type rpminfo_object
Name
libguestfs-winsupport

libguestfs-winsupport is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232179002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232179001 of type rpminfo_object
Name
libguestfs-winsupport
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236120
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nginx:1.22 is enabled  oval:com.redhat.rhea:tst:20236562021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562011 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nginx.module\[nginx\][\w\W]*1

nginx is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562001 of type rpminfo_object
Name
nginx

nginx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562001 of type rpminfo_object
Name
nginx

nginx-all-modules is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562002 of type rpminfo_object
Name
nginx-all-modules

nginx-all-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562002 of type rpminfo_object
Name
nginx-all-modules

nginx-core is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562003 of type rpminfo_object
Name
nginx-core

nginx-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562003 of type rpminfo_object
Name
nginx-core

nginx-filesystem is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562004 of type rpminfo_object
Name
nginx-filesystem

nginx-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562004 of type rpminfo_object
Name
nginx-filesystem

nginx-mod-devel is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562005 of type rpminfo_object
Name
nginx-mod-devel

nginx-mod-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562005 of type rpminfo_object
Name
nginx-mod-devel

nginx-mod-http-image-filter is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562006 of type rpminfo_object
Name
nginx-mod-http-image-filter

nginx-mod-http-image-filter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562006 of type rpminfo_object
Name
nginx-mod-http-image-filter

nginx-mod-http-perl is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562007 of type rpminfo_object
Name
nginx-mod-http-perl

nginx-mod-http-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562007 of type rpminfo_object
Name
nginx-mod-http-perl

nginx-mod-http-xslt-filter is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562008 of type rpminfo_object
Name
nginx-mod-http-xslt-filter

nginx-mod-http-xslt-filter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562008 of type rpminfo_object
Name
nginx-mod-http-xslt-filter

nginx-mod-mail is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562009 of type rpminfo_object
Name
nginx-mod-mail

nginx-mod-mail is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562009 of type rpminfo_object
Name
nginx-mod-mail

nginx-mod-stream is earlier than 1:1.22.1-3.module+el9.2.0.z+20353+5a828d50.1  oval:com.redhat.rhsa:tst:20236120019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562010 of type rpminfo_object
Name
nginx-mod-stream

nginx-mod-stream is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562010 of type rpminfo_object
Name
nginx-mod-stream
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20236077
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

toolbox is earlier than 0:0.0.99.3-10.el9_2  oval:com.redhat.rhsa:tst:20236077001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox-tests is earlier than 0:0.0.99.3-10.el9_2  oval:com.redhat.rhsa:tst:20236077003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests

toolbox-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235929
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tomcat is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929001 of type rpminfo_object
Name
tomcat

tomcat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929001 of type rpminfo_object
Name
tomcat

tomcat-admin-webapps is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929002 of type rpminfo_object
Name
tomcat-admin-webapps

tomcat-admin-webapps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929002 of type rpminfo_object
Name
tomcat-admin-webapps

tomcat-docs-webapp is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929003 of type rpminfo_object
Name
tomcat-docs-webapp

tomcat-docs-webapp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929003 of type rpminfo_object
Name
tomcat-docs-webapp

tomcat-el-3.0-api is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929004 of type rpminfo_object
Name
tomcat-el-3.0-api

tomcat-el-3.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929004 of type rpminfo_object
Name
tomcat-el-3.0-api

tomcat-jsp-2.3-api is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929005 of type rpminfo_object
Name
tomcat-jsp-2.3-api

tomcat-jsp-2.3-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929005 of type rpminfo_object
Name
tomcat-jsp-2.3-api

tomcat-lib is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929006 of type rpminfo_object
Name
tomcat-lib

tomcat-lib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929006 of type rpminfo_object
Name
tomcat-lib

tomcat-servlet-4.0-api is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929007 of type rpminfo_object
Name
tomcat-servlet-4.0-api

tomcat-servlet-4.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929007 of type rpminfo_object
Name
tomcat-servlet-4.0-api

tomcat-webapps is earlier than 1:9.0.62-11.el9_2.3  oval:com.redhat.rhsa:tst:20235929015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929008 of type rpminfo_object
Name
tomcat-webapps

tomcat-webapps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235929016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235929008 of type rpminfo_object
Name
tomcat-webapps
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235926
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

php is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php-bcmath is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-bcmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-cli is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-common is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-dba is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dbg is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-dbg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-devel is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-embedded is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-enchant is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-enchant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-ffi is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-ffi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-fpm is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-fpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-gd is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gmp is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-intl is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-intl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-ldap is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-mbstring is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mbstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mysqlnd is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-mysqlnd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-odbc is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-opcache is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-opcache is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-pdo is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pdo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pgsql is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-process is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-process is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-snmp is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-soap is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-xml is earlier than 0:8.0.30-1.el9_2  oval:com.redhat.rhsa:tst:20235926049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml

php-xml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235924
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

varnish is earlier than 0:6.6.2-3.el9_2.1  oval:com.redhat.rhsa:tst:20235924001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643001 of type rpminfo_object
Name
varnish

varnish is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228643002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643001 of type rpminfo_object
Name
varnish

varnish-devel is earlier than 0:6.6.2-3.el9_2.1  oval:com.redhat.rhsa:tst:20235924003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643002 of type rpminfo_object
Name
varnish-devel

varnish-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228643004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643002 of type rpminfo_object
Name
varnish-devel

varnish-docs is earlier than 0:6.6.2-3.el9_2.1  oval:com.redhat.rhsa:tst:20235924005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643003 of type rpminfo_object
Name
varnish-docs

varnish-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228643006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643003 of type rpminfo_object
Name
varnish-docs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235867
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana is earlier than 0:9.0.9-4.el9_2  oval:com.redhat.rhsa:tst:20235867001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana

grafana is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225716002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235849
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:18 is enabled  oval:com.redhat.rhsa:tst:20228832017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:18.18.2-2.module+el9.2.0.z+20408+7cb5fda5  oval:com.redhat.rhsa:tst:20235849001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:18.18.2-2.module+el9.2.0.z+20408+7cb5fda5  oval:com.redhat.rhsa:tst:20235849003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:18.18.2-2.module+el9.2.0.z+20408+7cb5fda5  oval:com.redhat.rhsa:tst:20235849005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:18.18.2-2.module+el9.2.0.z+20408+7cb5fda5  oval:com.redhat.rhsa:tst:20235849007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:3.0.1-1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:9.8.1-1.18.18.2.2.module+el9.2.0.z+20408+7cb5fda5  oval:com.redhat.rhsa:tst:20235849015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235838
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libnghttp2 is earlier than 0:1.43.0-5.el9_2.1  oval:com.redhat.rhsa:tst:20235838001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libnghttp2aarch64(none)5.el9_3.11.43.00:1.43.0-5.el9_3.1199e2f91fd431d51libnghttp2-0:1.43.0-5.el9_3.1.aarch64

libnghttp2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235838002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libnghttp2aarch64(none)5.el9_3.11.43.00:1.43.0-5.el9_3.1199e2f91fd431d51libnghttp2-0:1.43.0-5.el9_3.1.aarch64

libnghttp2-devel is earlier than 0:1.43.0-5.el9_2.1  oval:com.redhat.rhsa:tst:20235838003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838002 of type rpminfo_object
Name
libnghttp2-devel

libnghttp2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235838004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838002 of type rpminfo_object
Name
libnghttp2-devel

nghttp2 is earlier than 0:1.43.0-5.el9_2.1  oval:com.redhat.rhsa:tst:20235838005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838003 of type rpminfo_object
Name
nghttp2

nghttp2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235838006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235838003 of type rpminfo_object
Name
nghttp2
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235765
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs is earlier than 1:16.20.2-3.el9_2  oval:com.redhat.rhsa:tst:20235765001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.20.2-3.el9_2  oval:com.redhat.rhsa:tst:20235765003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.20.2-3.el9_2  oval:com.redhat.rhsa:tst:20235765005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.20.2-3.el9_2  oval:com.redhat.rhsa:tst:20235765007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.19.4-1.16.20.2.3.el9_2  oval:com.redhat.rhsa:tst:20235765009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235763
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-23.el9_2.4  oval:com.redhat.rhsa:tst:20235763001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-23.el9_2.4  oval:com.redhat.rhsa:tst:20235763003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-23.el9_2.4  oval:com.redhat.rhsa:tst:20235763005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-23.el9_2.4  oval:com.redhat.rhsa:tst:20235763007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-23.el9_2.4  oval:com.redhat.rhsa:tst:20235763009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235753
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.9.0.9-2.el9  oval:com.redhat.rhsa:tst:20235753045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235749
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.112-1.el9_2  oval:com.redhat.rhsa:tst:20235749013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.112-1.el9_2  oval:com.redhat.rhsa:tst:20235749015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.12-1.el9_2  oval:com.redhat.rhsa:tst:20235749017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.112-1.el9_2  oval:com.redhat.rhsa:tst:20235749019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.112-1.el9_2  oval:com.redhat.rhsa:tst:20235749021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235744
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.21.0.9-2.el9  oval:com.redhat.rhsa:tst:20235744045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235738
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang-bin is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-bin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-docs is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-misc is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-misc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-race is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-race is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-src is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-tests is earlier than 0:1.19.13-1.el9_2  oval:com.redhat.rhsa:tst:20235738013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

golang-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235733
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.392.b08-3.el9  oval:com.redhat.rhsa:tst:20235733033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235711
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nginx is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562001 of type rpminfo_object
Name
nginx

nginx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562001 of type rpminfo_object
Name
nginx

nginx-all-modules is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562002 of type rpminfo_object
Name
nginx-all-modules

nginx-all-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562002 of type rpminfo_object
Name
nginx-all-modules

nginx-core is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562003 of type rpminfo_object
Name
nginx-core

nginx-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562003 of type rpminfo_object
Name
nginx-core

nginx-filesystem is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562004 of type rpminfo_object
Name
nginx-filesystem

nginx-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562004 of type rpminfo_object
Name
nginx-filesystem

nginx-mod-devel is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562005 of type rpminfo_object
Name
nginx-mod-devel

nginx-mod-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562005 of type rpminfo_object
Name
nginx-mod-devel

nginx-mod-http-image-filter is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562006 of type rpminfo_object
Name
nginx-mod-http-image-filter

nginx-mod-http-image-filter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562006 of type rpminfo_object
Name
nginx-mod-http-image-filter

nginx-mod-http-perl is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562007 of type rpminfo_object
Name
nginx-mod-http-perl

nginx-mod-http-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562007 of type rpminfo_object
Name
nginx-mod-http-perl

nginx-mod-http-xslt-filter is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562008 of type rpminfo_object
Name
nginx-mod-http-xslt-filter

nginx-mod-http-xslt-filter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562008 of type rpminfo_object
Name
nginx-mod-http-xslt-filter

nginx-mod-mail is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562009 of type rpminfo_object
Name
nginx-mod-mail

nginx-mod-mail is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562009 of type rpminfo_object
Name
nginx-mod-mail

nginx-mod-stream is earlier than 1:1.20.1-14.el9_2.1  oval:com.redhat.rhsa:tst:20235711019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562010 of type rpminfo_object
Name
nginx-mod-stream

nginx-mod-stream is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562010 of type rpminfo_object
Name
nginx-mod-stream
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235708
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.23-1.el9_2  oval:com.redhat.rhsa:tst:20235708001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.23-1.el9_2  oval:com.redhat.rhsa:tst:20235708003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.23-1.el9_2  oval:com.redhat.rhsa:tst:20235708005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.23-1.el9_2  oval:com.redhat.rhsa:tst:20235708007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.23-1.el9_2  oval:com.redhat.rhsa:tst:20235708009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.123-1.el9_2  oval:com.redhat.rhsa:tst:20235708011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.123-1.el9_2  oval:com.redhat.rhsa:tst:20235708013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.23-1.el9_2  oval:com.redhat.rhsa:tst:20235708015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.123-1.el9_2  oval:com.redhat.rhsa:tst:20235708017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235689
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bind is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind-chroot is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-chroot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-devel is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-dnssec-doc is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-utils is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-dnssec-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-doc is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228068012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-libs is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-license is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-utils is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

bind-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

python3-bind is earlier than 32:9.16.23-11.el9_2.2  oval:com.redhat.rhsa:tst:20235689019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind

python3-bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235684
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mariadb is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948001 of type rpminfo_object
Name
mariadb

mariadb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948001 of type rpminfo_object
Name
mariadb

mariadb-backup is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948002 of type rpminfo_object
Name
mariadb-backup

mariadb-backup is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948002 of type rpminfo_object
Name
mariadb-backup

mariadb-common is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948003 of type rpminfo_object
Name
mariadb-common

mariadb-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948003 of type rpminfo_object
Name
mariadb-common

mariadb-devel is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948004 of type rpminfo_object
Name
mariadb-devel

mariadb-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948004 of type rpminfo_object
Name
mariadb-devel

mariadb-embedded is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948005 of type rpminfo_object
Name
mariadb-embedded

mariadb-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948005 of type rpminfo_object
Name
mariadb-embedded

mariadb-embedded-devel is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948006 of type rpminfo_object
Name
mariadb-embedded-devel

mariadb-embedded-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948006 of type rpminfo_object
Name
mariadb-embedded-devel

mariadb-errmsg is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948007 of type rpminfo_object
Name
mariadb-errmsg

mariadb-errmsg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948007 of type rpminfo_object
Name
mariadb-errmsg

mariadb-gssapi-server is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948008 of type rpminfo_object
Name
mariadb-gssapi-server

mariadb-gssapi-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948008 of type rpminfo_object
Name
mariadb-gssapi-server

mariadb-oqgraph-engine is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948009 of type rpminfo_object
Name
mariadb-oqgraph-engine

mariadb-oqgraph-engine is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948009 of type rpminfo_object
Name
mariadb-oqgraph-engine

mariadb-pam is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948010 of type rpminfo_object
Name
mariadb-pam

mariadb-pam is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948010 of type rpminfo_object
Name
mariadb-pam

mariadb-server is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948011 of type rpminfo_object
Name
mariadb-server

mariadb-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948011 of type rpminfo_object
Name
mariadb-server

mariadb-server-galera is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948012 of type rpminfo_object
Name
mariadb-server-galera

mariadb-server-galera is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948012 of type rpminfo_object
Name
mariadb-server-galera

mariadb-server-utils is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948013 of type rpminfo_object
Name
mariadb-server-utils

mariadb-server-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948013 of type rpminfo_object
Name
mariadb-server-utils

mariadb-test is earlier than 3:10.5.22-1.el9_2  oval:com.redhat.rhsa:tst:20235684027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948014 of type rpminfo_object
Name
mariadb-test

mariadb-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948014 of type rpminfo_object
Name
mariadb-test

galera is earlier than 0:26.4.14-1.el9_2  oval:com.redhat.rhsa:tst:20235684029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235684015 of type rpminfo_object
Name
galera

galera is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235684030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235684015 of type rpminfo_object
Name
galera
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235539
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libvpx is earlier than 0:1.9.0-7.el9_2  oval:com.redhat.rhsa:tst:20235539001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libvpxaarch64(none)7.el9_21.9.00:1.9.0-7.el9_2199e2f91fd431d51libvpx-0:1.9.0-7.el9_2.aarch64

libvpx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235539002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libvpxaarch64(none)7.el9_21.9.00:1.9.0-7.el9_2199e2f91fd431d51libvpx-0:1.9.0-7.el9_2.aarch64

libvpx-devel is earlier than 0:1.9.0-7.el9_2  oval:com.redhat.rhsa:tst:20235539003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235539002 of type rpminfo_object
Name
libvpx-devel

libvpx-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235539004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235539002 of type rpminfo_object
Name
libvpx-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235532
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs is earlier than 1:16.20.2-1.el9_2  oval:com.redhat.rhsa:tst:20235532001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.20.2-1.el9_2  oval:com.redhat.rhsa:tst:20235532003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.20.2-1.el9_2  oval:com.redhat.rhsa:tst:20235532005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.20.2-1.el9_2  oval:com.redhat.rhsa:tst:20235532007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.19.4-1.16.20.2.1.el9_2  oval:com.redhat.rhsa:tst:20235532009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235462
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.16-1.el9_2.2  oval:com.redhat.rhsa:tst:20235462015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235459
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ghostscript is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscriptaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-0:9.54.0-14.el9_3.aarch64

ghostscript-doc is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459002 of type rpminfo_object
Name
ghostscript-doc

ghostscript-tools-dvipdf is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-dvipdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459003 of type rpminfo_object
Name
ghostscript-tools-dvipdf

ghostscript-tools-fonts is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-fontsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-fonts-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-tools-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
ghostscript-tools-printingaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51ghostscript-tools-printing-0:9.54.0-14.el9_3.aarch64

ghostscript-x11 is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

ghostscript-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459006 of type rpminfo_object
Name
ghostscript-x11

libgs is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libgsaarch64(none)14.el9_39.54.00:9.54.0-14.el9_3199e2f91fd431d51libgs-0:9.54.0-14.el9_3.aarch64

libgs-devel is earlier than 0:9.54.0-10.el9_2  oval:com.redhat.rhsa:tst:20235459015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel

libgs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235459016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235459008 of type rpminfo_object
Name
libgs-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235456
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3.11 is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585001 of type rpminfo_object
Name
python3.11

python3.11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585001 of type rpminfo_object
Name
python3.11

python3.11-debug is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585002 of type rpminfo_object
Name
python3.11-debug

python3.11-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585002 of type rpminfo_object
Name
python3.11-debug

python3.11-devel is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585003 of type rpminfo_object
Name
python3.11-devel

python3.11-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585003 of type rpminfo_object
Name
python3.11-devel

python3.11-idle is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585004 of type rpminfo_object
Name
python3.11-idle

python3.11-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585004 of type rpminfo_object
Name
python3.11-idle

python3.11-libs is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585005 of type rpminfo_object
Name
python3.11-libs

python3.11-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585005 of type rpminfo_object
Name
python3.11-libs

python3.11-test is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585006 of type rpminfo_object
Name
python3.11-test

python3.11-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585006 of type rpminfo_object
Name
python3.11-test

python3.11-tkinter is earlier than 0:3.11.2-2.el9_2.2  oval:com.redhat.rhsa:tst:20235456013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585007 of type rpminfo_object
Name
python3.11-tkinter

python3.11-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585007 of type rpminfo_object
Name
python3.11-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235453
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

glibc is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibcaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-0:2.34-83.el9_3.7.aarch64

glibc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibcaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-0:2.34-83.el9_3.7.aarch64

glibc-all-langpacks is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-all-langpacksaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-all-langpacks-0:2.34-83.el9_3.7.aarch64

glibc-all-langpacks is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-all-langpacksaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-all-langpacks-0:2.34-83.el9_3.7.aarch64

glibc-benchtests is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453003 of type rpminfo_object
Name
glibc-benchtests

glibc-benchtests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453003 of type rpminfo_object
Name
glibc-benchtests

glibc-common is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-commonaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-common-0:2.34-83.el9_3.7.aarch64

glibc-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-commonaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-common-0:2.34-83.el9_3.7.aarch64

glibc-devel is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453005 of type rpminfo_object
Name
glibc-devel

glibc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453005 of type rpminfo_object
Name
glibc-devel

glibc-doc is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453006 of type rpminfo_object
Name
glibc-doc

glibc-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453006 of type rpminfo_object
Name
glibc-doc

glibc-gconv-extra is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-gconv-extraaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-gconv-extra-0:2.34-83.el9_3.7.aarch64

glibc-gconv-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-gconv-extraaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-gconv-extra-0:2.34-83.el9_3.7.aarch64

glibc-headers is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453008 of type rpminfo_object
Name
glibc-headers

glibc-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453008 of type rpminfo_object
Name
glibc-headers

glibc-langpack-aa is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453009 of type rpminfo_object
Name
glibc-langpack-aa

glibc-langpack-aa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453009 of type rpminfo_object
Name
glibc-langpack-aa

glibc-langpack-af is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453010 of type rpminfo_object
Name
glibc-langpack-af

glibc-langpack-af is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453010 of type rpminfo_object
Name
glibc-langpack-af

glibc-langpack-agr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453011 of type rpminfo_object
Name
glibc-langpack-agr

glibc-langpack-agr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453011 of type rpminfo_object
Name
glibc-langpack-agr

glibc-langpack-ak is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453012 of type rpminfo_object
Name
glibc-langpack-ak

glibc-langpack-ak is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453012 of type rpminfo_object
Name
glibc-langpack-ak

glibc-langpack-am is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453013 of type rpminfo_object
Name
glibc-langpack-am

glibc-langpack-am is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453013 of type rpminfo_object
Name
glibc-langpack-am

glibc-langpack-an is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453014 of type rpminfo_object
Name
glibc-langpack-an

glibc-langpack-an is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453014 of type rpminfo_object
Name
glibc-langpack-an

glibc-langpack-anp is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453015 of type rpminfo_object
Name
glibc-langpack-anp

glibc-langpack-anp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453015 of type rpminfo_object
Name
glibc-langpack-anp

glibc-langpack-ar is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453016 of type rpminfo_object
Name
glibc-langpack-ar

glibc-langpack-ar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453016 of type rpminfo_object
Name
glibc-langpack-ar

glibc-langpack-as is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453017 of type rpminfo_object
Name
glibc-langpack-as

glibc-langpack-as is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453017 of type rpminfo_object
Name
glibc-langpack-as

glibc-langpack-ast is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453018 of type rpminfo_object
Name
glibc-langpack-ast

glibc-langpack-ast is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453018 of type rpminfo_object
Name
glibc-langpack-ast

glibc-langpack-ayc is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453019 of type rpminfo_object
Name
glibc-langpack-ayc

glibc-langpack-ayc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453019 of type rpminfo_object
Name
glibc-langpack-ayc

glibc-langpack-az is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453020 of type rpminfo_object
Name
glibc-langpack-az

glibc-langpack-az is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453020 of type rpminfo_object
Name
glibc-langpack-az

glibc-langpack-be is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453021 of type rpminfo_object
Name
glibc-langpack-be

glibc-langpack-be is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453021 of type rpminfo_object
Name
glibc-langpack-be

glibc-langpack-bem is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453022 of type rpminfo_object
Name
glibc-langpack-bem

glibc-langpack-bem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453022 of type rpminfo_object
Name
glibc-langpack-bem

glibc-langpack-ber is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453023 of type rpminfo_object
Name
glibc-langpack-ber

glibc-langpack-ber is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453023 of type rpminfo_object
Name
glibc-langpack-ber

glibc-langpack-bg is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453024 of type rpminfo_object
Name
glibc-langpack-bg

glibc-langpack-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453024 of type rpminfo_object
Name
glibc-langpack-bg

glibc-langpack-bhb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453025 of type rpminfo_object
Name
glibc-langpack-bhb

glibc-langpack-bhb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453025 of type rpminfo_object
Name
glibc-langpack-bhb

glibc-langpack-bho is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453026 of type rpminfo_object
Name
glibc-langpack-bho

glibc-langpack-bho is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453026 of type rpminfo_object
Name
glibc-langpack-bho

glibc-langpack-bi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453027 of type rpminfo_object
Name
glibc-langpack-bi

glibc-langpack-bi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453027 of type rpminfo_object
Name
glibc-langpack-bi

glibc-langpack-bn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453028 of type rpminfo_object
Name
glibc-langpack-bn

glibc-langpack-bn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453028 of type rpminfo_object
Name
glibc-langpack-bn

glibc-langpack-bo is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453029 of type rpminfo_object
Name
glibc-langpack-bo

glibc-langpack-bo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453029 of type rpminfo_object
Name
glibc-langpack-bo

glibc-langpack-br is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453030 of type rpminfo_object
Name
glibc-langpack-br

glibc-langpack-br is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453060  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453030 of type rpminfo_object
Name
glibc-langpack-br

glibc-langpack-brx is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453031 of type rpminfo_object
Name
glibc-langpack-brx

glibc-langpack-brx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453062  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453031 of type rpminfo_object
Name
glibc-langpack-brx

glibc-langpack-bs is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453032 of type rpminfo_object
Name
glibc-langpack-bs

glibc-langpack-bs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453064  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453032 of type rpminfo_object
Name
glibc-langpack-bs

glibc-langpack-byn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453033 of type rpminfo_object
Name
glibc-langpack-byn

glibc-langpack-byn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453066  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453033 of type rpminfo_object
Name
glibc-langpack-byn

glibc-langpack-ca is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453034 of type rpminfo_object
Name
glibc-langpack-ca

glibc-langpack-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453068  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453034 of type rpminfo_object
Name
glibc-langpack-ca

glibc-langpack-ce is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453035 of type rpminfo_object
Name
glibc-langpack-ce

glibc-langpack-ce is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453070  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453035 of type rpminfo_object
Name
glibc-langpack-ce

glibc-langpack-chr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453036 of type rpminfo_object
Name
glibc-langpack-chr

glibc-langpack-chr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453072  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453036 of type rpminfo_object
Name
glibc-langpack-chr

glibc-langpack-ckb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453037 of type rpminfo_object
Name
glibc-langpack-ckb

glibc-langpack-ckb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453074  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453037 of type rpminfo_object
Name
glibc-langpack-ckb

glibc-langpack-cmn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453038 of type rpminfo_object
Name
glibc-langpack-cmn

glibc-langpack-cmn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453038 of type rpminfo_object
Name
glibc-langpack-cmn

glibc-langpack-crh is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453039 of type rpminfo_object
Name
glibc-langpack-crh

glibc-langpack-crh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453078  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453039 of type rpminfo_object
Name
glibc-langpack-crh

glibc-langpack-cs is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453040 of type rpminfo_object
Name
glibc-langpack-cs

glibc-langpack-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453080  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453040 of type rpminfo_object
Name
glibc-langpack-cs

glibc-langpack-csb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453041 of type rpminfo_object
Name
glibc-langpack-csb

glibc-langpack-csb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453082  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453041 of type rpminfo_object
Name
glibc-langpack-csb

glibc-langpack-cv is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453042 of type rpminfo_object
Name
glibc-langpack-cv

glibc-langpack-cv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453084  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453042 of type rpminfo_object
Name
glibc-langpack-cv

glibc-langpack-cy is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453043 of type rpminfo_object
Name
glibc-langpack-cy

glibc-langpack-cy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453086  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453043 of type rpminfo_object
Name
glibc-langpack-cy

glibc-langpack-da is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453044 of type rpminfo_object
Name
glibc-langpack-da

glibc-langpack-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453044 of type rpminfo_object
Name
glibc-langpack-da

glibc-langpack-de is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453045 of type rpminfo_object
Name
glibc-langpack-de

glibc-langpack-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453090  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453045 of type rpminfo_object
Name
glibc-langpack-de

glibc-langpack-doi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453046 of type rpminfo_object
Name
glibc-langpack-doi

glibc-langpack-doi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453046 of type rpminfo_object
Name
glibc-langpack-doi

glibc-langpack-dsb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453047 of type rpminfo_object
Name
glibc-langpack-dsb

glibc-langpack-dsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453094  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453047 of type rpminfo_object
Name
glibc-langpack-dsb

glibc-langpack-dv is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453048 of type rpminfo_object
Name
glibc-langpack-dv

glibc-langpack-dv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453048 of type rpminfo_object
Name
glibc-langpack-dv

glibc-langpack-dz is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453097  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453049 of type rpminfo_object
Name
glibc-langpack-dz

glibc-langpack-dz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453049 of type rpminfo_object
Name
glibc-langpack-dz

glibc-langpack-el is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453099  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453050 of type rpminfo_object
Name
glibc-langpack-el

glibc-langpack-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453100  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453050 of type rpminfo_object
Name
glibc-langpack-el

glibc-langpack-en is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453101  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-langpack-enaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-langpack-en-0:2.34-83.el9_3.7.aarch64

glibc-langpack-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453102  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
glibc-langpack-enaarch64(none)83.el9_3.72.340:2.34-83.el9_3.7199e2f91fd431d51glibc-langpack-en-0:2.34-83.el9_3.7.aarch64

glibc-langpack-eo is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453103  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453052 of type rpminfo_object
Name
glibc-langpack-eo

glibc-langpack-eo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453104  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453052 of type rpminfo_object
Name
glibc-langpack-eo

glibc-langpack-es is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453105  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453053 of type rpminfo_object
Name
glibc-langpack-es

glibc-langpack-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453106  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453053 of type rpminfo_object
Name
glibc-langpack-es

glibc-langpack-et is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453107  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453054 of type rpminfo_object
Name
glibc-langpack-et

glibc-langpack-et is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453108  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453054 of type rpminfo_object
Name
glibc-langpack-et

glibc-langpack-eu is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453109  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453055 of type rpminfo_object
Name
glibc-langpack-eu

glibc-langpack-eu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453110  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453055 of type rpminfo_object
Name
glibc-langpack-eu

glibc-langpack-fa is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453111  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453056 of type rpminfo_object
Name
glibc-langpack-fa

glibc-langpack-fa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453112  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453056 of type rpminfo_object
Name
glibc-langpack-fa

glibc-langpack-ff is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453113  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453057 of type rpminfo_object
Name
glibc-langpack-ff

glibc-langpack-ff is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453114  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453057 of type rpminfo_object
Name
glibc-langpack-ff

glibc-langpack-fi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453115  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453058 of type rpminfo_object
Name
glibc-langpack-fi

glibc-langpack-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453116  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453058 of type rpminfo_object
Name
glibc-langpack-fi

glibc-langpack-fil is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453117  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453059 of type rpminfo_object
Name
glibc-langpack-fil

glibc-langpack-fil is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453118  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453059 of type rpminfo_object
Name
glibc-langpack-fil

glibc-langpack-fo is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453119  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453060 of type rpminfo_object
Name
glibc-langpack-fo

glibc-langpack-fo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453120  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453060 of type rpminfo_object
Name
glibc-langpack-fo

glibc-langpack-fr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453121  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453061 of type rpminfo_object
Name
glibc-langpack-fr

glibc-langpack-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453122  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453061 of type rpminfo_object
Name
glibc-langpack-fr

glibc-langpack-fur is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453123  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453062 of type rpminfo_object
Name
glibc-langpack-fur

glibc-langpack-fur is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453124  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453062 of type rpminfo_object
Name
glibc-langpack-fur

glibc-langpack-fy is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453125  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453063 of type rpminfo_object
Name
glibc-langpack-fy

glibc-langpack-fy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453126  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453063 of type rpminfo_object
Name
glibc-langpack-fy

glibc-langpack-ga is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453127  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453064 of type rpminfo_object
Name
glibc-langpack-ga

glibc-langpack-ga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453128  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453064 of type rpminfo_object
Name
glibc-langpack-ga

glibc-langpack-gd is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453129  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453065 of type rpminfo_object
Name
glibc-langpack-gd

glibc-langpack-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453130  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453065 of type rpminfo_object
Name
glibc-langpack-gd

glibc-langpack-gez is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453131  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453066 of type rpminfo_object
Name
glibc-langpack-gez

glibc-langpack-gez is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453132  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453066 of type rpminfo_object
Name
glibc-langpack-gez

glibc-langpack-gl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453133  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453067 of type rpminfo_object
Name
glibc-langpack-gl

glibc-langpack-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453134  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453067 of type rpminfo_object
Name
glibc-langpack-gl

glibc-langpack-gu is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453135  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453068 of type rpminfo_object
Name
glibc-langpack-gu

glibc-langpack-gu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453136  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453068 of type rpminfo_object
Name
glibc-langpack-gu

glibc-langpack-gv is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453137  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453069 of type rpminfo_object
Name
glibc-langpack-gv

glibc-langpack-gv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453138  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453069 of type rpminfo_object
Name
glibc-langpack-gv

glibc-langpack-ha is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453139  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453070 of type rpminfo_object
Name
glibc-langpack-ha

glibc-langpack-ha is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453140  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453070 of type rpminfo_object
Name
glibc-langpack-ha

glibc-langpack-hak is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453141  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453071 of type rpminfo_object
Name
glibc-langpack-hak

glibc-langpack-hak is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453142  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453071 of type rpminfo_object
Name
glibc-langpack-hak

glibc-langpack-he is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453143  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453072 of type rpminfo_object
Name
glibc-langpack-he

glibc-langpack-he is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453144  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453072 of type rpminfo_object
Name
glibc-langpack-he

glibc-langpack-hi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453145  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453073 of type rpminfo_object
Name
glibc-langpack-hi

glibc-langpack-hi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453146  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453073 of type rpminfo_object
Name
glibc-langpack-hi

glibc-langpack-hif is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453147  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453074 of type rpminfo_object
Name
glibc-langpack-hif

glibc-langpack-hif is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453148  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453074 of type rpminfo_object
Name
glibc-langpack-hif

glibc-langpack-hne is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453149  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453075 of type rpminfo_object
Name
glibc-langpack-hne

glibc-langpack-hne is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453150  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453075 of type rpminfo_object
Name
glibc-langpack-hne

glibc-langpack-hr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453151  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453076 of type rpminfo_object
Name
glibc-langpack-hr

glibc-langpack-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453152  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453076 of type rpminfo_object
Name
glibc-langpack-hr

glibc-langpack-hsb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453153  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453077 of type rpminfo_object
Name
glibc-langpack-hsb

glibc-langpack-hsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453154  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453077 of type rpminfo_object
Name
glibc-langpack-hsb

glibc-langpack-ht is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453155  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453078 of type rpminfo_object
Name
glibc-langpack-ht

glibc-langpack-ht is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453156  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453078 of type rpminfo_object
Name
glibc-langpack-ht

glibc-langpack-hu is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453157  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453079 of type rpminfo_object
Name
glibc-langpack-hu

glibc-langpack-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453158  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453079 of type rpminfo_object
Name
glibc-langpack-hu

glibc-langpack-hy is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453159  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453080 of type rpminfo_object
Name
glibc-langpack-hy

glibc-langpack-hy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453160  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453080 of type rpminfo_object
Name
glibc-langpack-hy

glibc-langpack-ia is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453161  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453081 of type rpminfo_object
Name
glibc-langpack-ia

glibc-langpack-ia is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453162  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453081 of type rpminfo_object
Name
glibc-langpack-ia

glibc-langpack-id is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453163  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453082 of type rpminfo_object
Name
glibc-langpack-id

glibc-langpack-id is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453164  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453082 of type rpminfo_object
Name
glibc-langpack-id

glibc-langpack-ig is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453165  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453083 of type rpminfo_object
Name
glibc-langpack-ig

glibc-langpack-ig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453166  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453083 of type rpminfo_object
Name
glibc-langpack-ig

glibc-langpack-ik is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453167  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453084 of type rpminfo_object
Name
glibc-langpack-ik

glibc-langpack-ik is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453168  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453084 of type rpminfo_object
Name
glibc-langpack-ik

glibc-langpack-is is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453169  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453085 of type rpminfo_object
Name
glibc-langpack-is

glibc-langpack-is is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453170  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453085 of type rpminfo_object
Name
glibc-langpack-is

glibc-langpack-it is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453171  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453086 of type rpminfo_object
Name
glibc-langpack-it

glibc-langpack-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453172  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453086 of type rpminfo_object
Name
glibc-langpack-it

glibc-langpack-iu is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453173  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453087 of type rpminfo_object
Name
glibc-langpack-iu

glibc-langpack-iu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453174  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453087 of type rpminfo_object
Name
glibc-langpack-iu

glibc-langpack-ja is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453175  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453088 of type rpminfo_object
Name
glibc-langpack-ja

glibc-langpack-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453176  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453088 of type rpminfo_object
Name
glibc-langpack-ja

glibc-langpack-ka is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453177  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453089 of type rpminfo_object
Name
glibc-langpack-ka

glibc-langpack-ka is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453178  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453089 of type rpminfo_object
Name
glibc-langpack-ka

glibc-langpack-kab is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453179  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453090 of type rpminfo_object
Name
glibc-langpack-kab

glibc-langpack-kab is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453180  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453090 of type rpminfo_object
Name
glibc-langpack-kab

glibc-langpack-kk is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453181  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453091 of type rpminfo_object
Name
glibc-langpack-kk

glibc-langpack-kk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453182  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453091 of type rpminfo_object
Name
glibc-langpack-kk

glibc-langpack-kl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453183  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453092 of type rpminfo_object
Name
glibc-langpack-kl

glibc-langpack-kl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453184  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453092 of type rpminfo_object
Name
glibc-langpack-kl

glibc-langpack-km is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453185  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453093 of type rpminfo_object
Name
glibc-langpack-km

glibc-langpack-km is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453186  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453093 of type rpminfo_object
Name
glibc-langpack-km

glibc-langpack-kn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453187  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453094 of type rpminfo_object
Name
glibc-langpack-kn

glibc-langpack-kn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453188  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453094 of type rpminfo_object
Name
glibc-langpack-kn

glibc-langpack-ko is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453189  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453095 of type rpminfo_object
Name
glibc-langpack-ko

glibc-langpack-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453190  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453095 of type rpminfo_object
Name
glibc-langpack-ko

glibc-langpack-kok is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453191  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453096 of type rpminfo_object
Name
glibc-langpack-kok

glibc-langpack-kok is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453192  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453096 of type rpminfo_object
Name
glibc-langpack-kok

glibc-langpack-ks is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453193  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453097 of type rpminfo_object
Name
glibc-langpack-ks

glibc-langpack-ks is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453194  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453097 of type rpminfo_object
Name
glibc-langpack-ks

glibc-langpack-ku is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453195  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453098 of type rpminfo_object
Name
glibc-langpack-ku

glibc-langpack-ku is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453196  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453098 of type rpminfo_object
Name
glibc-langpack-ku

glibc-langpack-kw is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453197  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453099 of type rpminfo_object
Name
glibc-langpack-kw

glibc-langpack-kw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453198  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453099 of type rpminfo_object
Name
glibc-langpack-kw

glibc-langpack-ky is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453199  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453100 of type rpminfo_object
Name
glibc-langpack-ky

glibc-langpack-ky is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453200  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453100 of type rpminfo_object
Name
glibc-langpack-ky

glibc-langpack-lb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453201  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453101 of type rpminfo_object
Name
glibc-langpack-lb

glibc-langpack-lb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453202  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453101 of type rpminfo_object
Name
glibc-langpack-lb

glibc-langpack-lg is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453203  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453102 of type rpminfo_object
Name
glibc-langpack-lg

glibc-langpack-lg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453204  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453102 of type rpminfo_object
Name
glibc-langpack-lg

glibc-langpack-li is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453205  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453103 of type rpminfo_object
Name
glibc-langpack-li

glibc-langpack-li is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453206  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453103 of type rpminfo_object
Name
glibc-langpack-li

glibc-langpack-lij is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453207  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453104 of type rpminfo_object
Name
glibc-langpack-lij

glibc-langpack-lij is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453208  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453104 of type rpminfo_object
Name
glibc-langpack-lij

glibc-langpack-ln is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453209  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453105 of type rpminfo_object
Name
glibc-langpack-ln

glibc-langpack-ln is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453210  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453105 of type rpminfo_object
Name
glibc-langpack-ln

glibc-langpack-lo is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453211  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453106 of type rpminfo_object
Name
glibc-langpack-lo

glibc-langpack-lo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453212  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453106 of type rpminfo_object
Name
glibc-langpack-lo

glibc-langpack-lt is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453213  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453107 of type rpminfo_object
Name
glibc-langpack-lt

glibc-langpack-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453214  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453107 of type rpminfo_object
Name
glibc-langpack-lt

glibc-langpack-lv is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453215  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453108 of type rpminfo_object
Name
glibc-langpack-lv

glibc-langpack-lv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453216  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453108 of type rpminfo_object
Name
glibc-langpack-lv

glibc-langpack-lzh is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453217  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453109 of type rpminfo_object
Name
glibc-langpack-lzh

glibc-langpack-lzh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453218  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453109 of type rpminfo_object
Name
glibc-langpack-lzh

glibc-langpack-mag is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453219  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453110 of type rpminfo_object
Name
glibc-langpack-mag

glibc-langpack-mag is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453220  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453110 of type rpminfo_object
Name
glibc-langpack-mag

glibc-langpack-mai is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453221  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453111 of type rpminfo_object
Name
glibc-langpack-mai

glibc-langpack-mai is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453222  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453111 of type rpminfo_object
Name
glibc-langpack-mai

glibc-langpack-mfe is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453223  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453112 of type rpminfo_object
Name
glibc-langpack-mfe

glibc-langpack-mfe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453224  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453112 of type rpminfo_object
Name
glibc-langpack-mfe

glibc-langpack-mg is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453225  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453113 of type rpminfo_object
Name
glibc-langpack-mg

glibc-langpack-mg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453226  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453113 of type rpminfo_object
Name
glibc-langpack-mg

glibc-langpack-mhr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453227  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453114 of type rpminfo_object
Name
glibc-langpack-mhr

glibc-langpack-mhr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453228  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453114 of type rpminfo_object
Name
glibc-langpack-mhr

glibc-langpack-mi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453229  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453115 of type rpminfo_object
Name
glibc-langpack-mi

glibc-langpack-mi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453230  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453115 of type rpminfo_object
Name
glibc-langpack-mi

glibc-langpack-miq is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453231  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453116 of type rpminfo_object
Name
glibc-langpack-miq

glibc-langpack-miq is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453232  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453116 of type rpminfo_object
Name
glibc-langpack-miq

glibc-langpack-mjw is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453233  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453117 of type rpminfo_object
Name
glibc-langpack-mjw

glibc-langpack-mjw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453234  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453117 of type rpminfo_object
Name
glibc-langpack-mjw

glibc-langpack-mk is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453235  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453118 of type rpminfo_object
Name
glibc-langpack-mk

glibc-langpack-mk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453236  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453118 of type rpminfo_object
Name
glibc-langpack-mk

glibc-langpack-ml is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453237  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453119 of type rpminfo_object
Name
glibc-langpack-ml

glibc-langpack-ml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453238  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453119 of type rpminfo_object
Name
glibc-langpack-ml

glibc-langpack-mn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453239  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453120 of type rpminfo_object
Name
glibc-langpack-mn

glibc-langpack-mn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453240  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453120 of type rpminfo_object
Name
glibc-langpack-mn

glibc-langpack-mni is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453241  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453121 of type rpminfo_object
Name
glibc-langpack-mni

glibc-langpack-mni is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453242  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453121 of type rpminfo_object
Name
glibc-langpack-mni

glibc-langpack-mnw is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453243  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453122 of type rpminfo_object
Name
glibc-langpack-mnw

glibc-langpack-mnw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453244  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453122 of type rpminfo_object
Name
glibc-langpack-mnw

glibc-langpack-mr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453245  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453123 of type rpminfo_object
Name
glibc-langpack-mr

glibc-langpack-mr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453246  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453123 of type rpminfo_object
Name
glibc-langpack-mr

glibc-langpack-ms is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453247  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453124 of type rpminfo_object
Name
glibc-langpack-ms

glibc-langpack-ms is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453248  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453124 of type rpminfo_object
Name
glibc-langpack-ms

glibc-langpack-mt is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453249  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453125 of type rpminfo_object
Name
glibc-langpack-mt

glibc-langpack-mt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453250  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453125 of type rpminfo_object
Name
glibc-langpack-mt

glibc-langpack-my is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453251  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453126 of type rpminfo_object
Name
glibc-langpack-my

glibc-langpack-my is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453252  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453126 of type rpminfo_object
Name
glibc-langpack-my

glibc-langpack-nan is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453253  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453127 of type rpminfo_object
Name
glibc-langpack-nan

glibc-langpack-nan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453254  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453127 of type rpminfo_object
Name
glibc-langpack-nan

glibc-langpack-nb is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453255  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453128 of type rpminfo_object
Name
glibc-langpack-nb

glibc-langpack-nb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453256  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453128 of type rpminfo_object
Name
glibc-langpack-nb

glibc-langpack-nds is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453257  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453129 of type rpminfo_object
Name
glibc-langpack-nds

glibc-langpack-nds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453258  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453129 of type rpminfo_object
Name
glibc-langpack-nds

glibc-langpack-ne is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453259  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453130 of type rpminfo_object
Name
glibc-langpack-ne

glibc-langpack-ne is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453260  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453130 of type rpminfo_object
Name
glibc-langpack-ne

glibc-langpack-nhn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453261  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453131 of type rpminfo_object
Name
glibc-langpack-nhn

glibc-langpack-nhn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453262  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453131 of type rpminfo_object
Name
glibc-langpack-nhn

glibc-langpack-niu is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453263  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453132 of type rpminfo_object
Name
glibc-langpack-niu

glibc-langpack-niu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453264  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453132 of type rpminfo_object
Name
glibc-langpack-niu

glibc-langpack-nl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453265  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453133 of type rpminfo_object
Name
glibc-langpack-nl

glibc-langpack-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453266  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453133 of type rpminfo_object
Name
glibc-langpack-nl

glibc-langpack-nn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453267  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453134 of type rpminfo_object
Name
glibc-langpack-nn

glibc-langpack-nn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453268  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453134 of type rpminfo_object
Name
glibc-langpack-nn

glibc-langpack-nr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453269  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453135 of type rpminfo_object
Name
glibc-langpack-nr

glibc-langpack-nr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453270  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453135 of type rpminfo_object
Name
glibc-langpack-nr

glibc-langpack-nso is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453271  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453136 of type rpminfo_object
Name
glibc-langpack-nso

glibc-langpack-nso is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453272  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453136 of type rpminfo_object
Name
glibc-langpack-nso

glibc-langpack-oc is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453273  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453137 of type rpminfo_object
Name
glibc-langpack-oc

glibc-langpack-oc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453274  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453137 of type rpminfo_object
Name
glibc-langpack-oc

glibc-langpack-om is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453275  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453138 of type rpminfo_object
Name
glibc-langpack-om

glibc-langpack-om is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453276  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453138 of type rpminfo_object
Name
glibc-langpack-om

glibc-langpack-or is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453277  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453139 of type rpminfo_object
Name
glibc-langpack-or

glibc-langpack-or is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453278  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453139 of type rpminfo_object
Name
glibc-langpack-or

glibc-langpack-os is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453279  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453140 of type rpminfo_object
Name
glibc-langpack-os

glibc-langpack-os is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453280  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453140 of type rpminfo_object
Name
glibc-langpack-os

glibc-langpack-pa is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453281  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453141 of type rpminfo_object
Name
glibc-langpack-pa

glibc-langpack-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453282  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453141 of type rpminfo_object
Name
glibc-langpack-pa

glibc-langpack-pap is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453283  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453142 of type rpminfo_object
Name
glibc-langpack-pap

glibc-langpack-pap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453284  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453142 of type rpminfo_object
Name
glibc-langpack-pap

glibc-langpack-pl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453285  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453143 of type rpminfo_object
Name
glibc-langpack-pl

glibc-langpack-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453286  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453143 of type rpminfo_object
Name
glibc-langpack-pl

glibc-langpack-ps is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453287  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453144 of type rpminfo_object
Name
glibc-langpack-ps

glibc-langpack-ps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453288  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453144 of type rpminfo_object
Name
glibc-langpack-ps

glibc-langpack-pt is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453289  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453145 of type rpminfo_object
Name
glibc-langpack-pt

glibc-langpack-pt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453290  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453145 of type rpminfo_object
Name
glibc-langpack-pt

glibc-langpack-quz is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453291  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453146 of type rpminfo_object
Name
glibc-langpack-quz

glibc-langpack-quz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453292  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453146 of type rpminfo_object
Name
glibc-langpack-quz

glibc-langpack-raj is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453293  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453147 of type rpminfo_object
Name
glibc-langpack-raj

glibc-langpack-raj is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453294  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453147 of type rpminfo_object
Name
glibc-langpack-raj

glibc-langpack-ro is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453295  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453148 of type rpminfo_object
Name
glibc-langpack-ro

glibc-langpack-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453296  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453148 of type rpminfo_object
Name
glibc-langpack-ro

glibc-langpack-ru is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453297  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453149 of type rpminfo_object
Name
glibc-langpack-ru

glibc-langpack-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453298  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453149 of type rpminfo_object
Name
glibc-langpack-ru

glibc-langpack-rw is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453299  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453150 of type rpminfo_object
Name
glibc-langpack-rw

glibc-langpack-rw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453300  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453150 of type rpminfo_object
Name
glibc-langpack-rw

glibc-langpack-sa is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453301  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453151 of type rpminfo_object
Name
glibc-langpack-sa

glibc-langpack-sa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453302  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453151 of type rpminfo_object
Name
glibc-langpack-sa

glibc-langpack-sah is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453303  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453152 of type rpminfo_object
Name
glibc-langpack-sah

glibc-langpack-sah is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453304  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453152 of type rpminfo_object
Name
glibc-langpack-sah

glibc-langpack-sat is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453305  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453153 of type rpminfo_object
Name
glibc-langpack-sat

glibc-langpack-sat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453306  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453153 of type rpminfo_object
Name
glibc-langpack-sat

glibc-langpack-sc is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453307  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453154 of type rpminfo_object
Name
glibc-langpack-sc

glibc-langpack-sc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453308  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453154 of type rpminfo_object
Name
glibc-langpack-sc

glibc-langpack-sd is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453309  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453155 of type rpminfo_object
Name
glibc-langpack-sd

glibc-langpack-sd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453310  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453155 of type rpminfo_object
Name
glibc-langpack-sd

glibc-langpack-se is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453311  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453156 of type rpminfo_object
Name
glibc-langpack-se

glibc-langpack-se is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453312  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453156 of type rpminfo_object
Name
glibc-langpack-se

glibc-langpack-sgs is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453313  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453157 of type rpminfo_object
Name
glibc-langpack-sgs

glibc-langpack-sgs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453314  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453157 of type rpminfo_object
Name
glibc-langpack-sgs

glibc-langpack-shn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453315  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453158 of type rpminfo_object
Name
glibc-langpack-shn

glibc-langpack-shn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453316  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453158 of type rpminfo_object
Name
glibc-langpack-shn

glibc-langpack-shs is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453317  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453159 of type rpminfo_object
Name
glibc-langpack-shs

glibc-langpack-shs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453318  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453159 of type rpminfo_object
Name
glibc-langpack-shs

glibc-langpack-si is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453319  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453160 of type rpminfo_object
Name
glibc-langpack-si

glibc-langpack-si is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453320  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453160 of type rpminfo_object
Name
glibc-langpack-si

glibc-langpack-sid is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453321  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453161 of type rpminfo_object
Name
glibc-langpack-sid

glibc-langpack-sid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453322  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453161 of type rpminfo_object
Name
glibc-langpack-sid

glibc-langpack-sk is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453323  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453162 of type rpminfo_object
Name
glibc-langpack-sk

glibc-langpack-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453324  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453162 of type rpminfo_object
Name
glibc-langpack-sk

glibc-langpack-sl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453325  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453163 of type rpminfo_object
Name
glibc-langpack-sl

glibc-langpack-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453326  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453163 of type rpminfo_object
Name
glibc-langpack-sl

glibc-langpack-sm is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453327  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453164 of type rpminfo_object
Name
glibc-langpack-sm

glibc-langpack-sm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453328  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453164 of type rpminfo_object
Name
glibc-langpack-sm

glibc-langpack-so is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453329  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453165 of type rpminfo_object
Name
glibc-langpack-so

glibc-langpack-so is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453330  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453165 of type rpminfo_object
Name
glibc-langpack-so

glibc-langpack-sq is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453331  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453166 of type rpminfo_object
Name
glibc-langpack-sq

glibc-langpack-sq is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453332  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453166 of type rpminfo_object
Name
glibc-langpack-sq

glibc-langpack-sr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453333  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453167 of type rpminfo_object
Name
glibc-langpack-sr

glibc-langpack-sr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453334  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453167 of type rpminfo_object
Name
glibc-langpack-sr

glibc-langpack-ss is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453335  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453168 of type rpminfo_object
Name
glibc-langpack-ss

glibc-langpack-ss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453336  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453168 of type rpminfo_object
Name
glibc-langpack-ss

glibc-langpack-st is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453337  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453169 of type rpminfo_object
Name
glibc-langpack-st

glibc-langpack-st is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453338  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453169 of type rpminfo_object
Name
glibc-langpack-st

glibc-langpack-sv is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453339  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453170 of type rpminfo_object
Name
glibc-langpack-sv

glibc-langpack-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453340  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453170 of type rpminfo_object
Name
glibc-langpack-sv

glibc-langpack-sw is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453341  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453171 of type rpminfo_object
Name
glibc-langpack-sw

glibc-langpack-sw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453342  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453171 of type rpminfo_object
Name
glibc-langpack-sw

glibc-langpack-szl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453343  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453172 of type rpminfo_object
Name
glibc-langpack-szl

glibc-langpack-szl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453344  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453172 of type rpminfo_object
Name
glibc-langpack-szl

glibc-langpack-ta is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453345  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453173 of type rpminfo_object
Name
glibc-langpack-ta

glibc-langpack-ta is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453346  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453173 of type rpminfo_object
Name
glibc-langpack-ta

glibc-langpack-tcy is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453347  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453174 of type rpminfo_object
Name
glibc-langpack-tcy

glibc-langpack-tcy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453348  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453174 of type rpminfo_object
Name
glibc-langpack-tcy

glibc-langpack-te is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453349  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453175 of type rpminfo_object
Name
glibc-langpack-te

glibc-langpack-te is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453350  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453175 of type rpminfo_object
Name
glibc-langpack-te

glibc-langpack-tg is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453351  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453176 of type rpminfo_object
Name
glibc-langpack-tg

glibc-langpack-tg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453352  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453176 of type rpminfo_object
Name
glibc-langpack-tg

glibc-langpack-th is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453353  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453177 of type rpminfo_object
Name
glibc-langpack-th

glibc-langpack-th is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453354  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453177 of type rpminfo_object
Name
glibc-langpack-th

glibc-langpack-the is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453355  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453178 of type rpminfo_object
Name
glibc-langpack-the

glibc-langpack-the is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453356  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453178 of type rpminfo_object
Name
glibc-langpack-the

glibc-langpack-ti is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453357  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453179 of type rpminfo_object
Name
glibc-langpack-ti

glibc-langpack-ti is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453358  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453179 of type rpminfo_object
Name
glibc-langpack-ti

glibc-langpack-tig is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453359  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453180 of type rpminfo_object
Name
glibc-langpack-tig

glibc-langpack-tig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453360  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453180 of type rpminfo_object
Name
glibc-langpack-tig

glibc-langpack-tk is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453361  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453181 of type rpminfo_object
Name
glibc-langpack-tk

glibc-langpack-tk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453362  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453181 of type rpminfo_object
Name
glibc-langpack-tk

glibc-langpack-tl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453363  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453182 of type rpminfo_object
Name
glibc-langpack-tl

glibc-langpack-tl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453364  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453182 of type rpminfo_object
Name
glibc-langpack-tl

glibc-langpack-tn is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453365  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453183 of type rpminfo_object
Name
glibc-langpack-tn

glibc-langpack-tn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453366  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453183 of type rpminfo_object
Name
glibc-langpack-tn

glibc-langpack-to is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453367  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453184 of type rpminfo_object
Name
glibc-langpack-to

glibc-langpack-to is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453368  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453184 of type rpminfo_object
Name
glibc-langpack-to

glibc-langpack-tpi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453369  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453185 of type rpminfo_object
Name
glibc-langpack-tpi

glibc-langpack-tpi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453370  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453185 of type rpminfo_object
Name
glibc-langpack-tpi

glibc-langpack-tr is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453371  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453186 of type rpminfo_object
Name
glibc-langpack-tr

glibc-langpack-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453372  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453186 of type rpminfo_object
Name
glibc-langpack-tr

glibc-langpack-ts is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453373  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453187 of type rpminfo_object
Name
glibc-langpack-ts

glibc-langpack-ts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453374  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453187 of type rpminfo_object
Name
glibc-langpack-ts

glibc-langpack-tt is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453375  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453188 of type rpminfo_object
Name
glibc-langpack-tt

glibc-langpack-tt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453376  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453188 of type rpminfo_object
Name
glibc-langpack-tt

glibc-langpack-ug is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453377  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453189 of type rpminfo_object
Name
glibc-langpack-ug

glibc-langpack-ug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453378  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453189 of type rpminfo_object
Name
glibc-langpack-ug

glibc-langpack-uk is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453379  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453190 of type rpminfo_object
Name
glibc-langpack-uk

glibc-langpack-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453380  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453190 of type rpminfo_object
Name
glibc-langpack-uk

glibc-langpack-unm is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453381  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453191 of type rpminfo_object
Name
glibc-langpack-unm

glibc-langpack-unm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453382  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453191 of type rpminfo_object
Name
glibc-langpack-unm

glibc-langpack-ur is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453383  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453192 of type rpminfo_object
Name
glibc-langpack-ur

glibc-langpack-ur is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453384  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453192 of type rpminfo_object
Name
glibc-langpack-ur

glibc-langpack-uz is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453385  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453193 of type rpminfo_object
Name
glibc-langpack-uz

glibc-langpack-uz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453386  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453193 of type rpminfo_object
Name
glibc-langpack-uz

glibc-langpack-ve is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453387  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453194 of type rpminfo_object
Name
glibc-langpack-ve

glibc-langpack-ve is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453388  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453194 of type rpminfo_object
Name
glibc-langpack-ve

glibc-langpack-vi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453389  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453195 of type rpminfo_object
Name
glibc-langpack-vi

glibc-langpack-vi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453390  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453195 of type rpminfo_object
Name
glibc-langpack-vi

glibc-langpack-wa is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453391  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453196 of type rpminfo_object
Name
glibc-langpack-wa

glibc-langpack-wa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453392  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453196 of type rpminfo_object
Name
glibc-langpack-wa

glibc-langpack-wae is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453393  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453197 of type rpminfo_object
Name
glibc-langpack-wae

glibc-langpack-wae is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453394  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453197 of type rpminfo_object
Name
glibc-langpack-wae

glibc-langpack-wal is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453395  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453198 of type rpminfo_object
Name
glibc-langpack-wal

glibc-langpack-wal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453396  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453198 of type rpminfo_object
Name
glibc-langpack-wal

glibc-langpack-wo is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453397  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453199 of type rpminfo_object
Name
glibc-langpack-wo

glibc-langpack-wo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453398  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453199 of type rpminfo_object
Name
glibc-langpack-wo

glibc-langpack-xh is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453399  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453200 of type rpminfo_object
Name
glibc-langpack-xh

glibc-langpack-xh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453400  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453200 of type rpminfo_object
Name
glibc-langpack-xh

glibc-langpack-yi is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453401  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453201 of type rpminfo_object
Name
glibc-langpack-yi

glibc-langpack-yi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453402  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453201 of type rpminfo_object
Name
glibc-langpack-yi

glibc-langpack-yo is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453403  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453202 of type rpminfo_object
Name
glibc-langpack-yo

glibc-langpack-yo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453404  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453202 of type rpminfo_object
Name
glibc-langpack-yo

glibc-langpack-yue is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453405  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453203 of type rpminfo_object
Name
glibc-langpack-yue

glibc-langpack-yue is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453406  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453203 of type rpminfo_object
Name
glibc-langpack-yue

glibc-langpack-yuw is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453407  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453204 of type rpminfo_object
Name
glibc-langpack-yuw

glibc-langpack-yuw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453408  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453204 of type rpminfo_object
Name
glibc-langpack-yuw

glibc-langpack-zh is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453409  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453205 of type rpminfo_object
Name
glibc-langpack-zh

glibc-langpack-zh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453410  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453205 of type rpminfo_object
Name
glibc-langpack-zh

glibc-langpack-zu is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453411  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453206 of type rpminfo_object
Name
glibc-langpack-zu

glibc-langpack-zu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453412  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453206 of type rpminfo_object
Name
glibc-langpack-zu

glibc-locale-source is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453413  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453207 of type rpminfo_object
Name
glibc-locale-source

glibc-locale-source is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453414  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453207 of type rpminfo_object
Name
glibc-locale-source

glibc-minimal-langpack is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453415  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453208 of type rpminfo_object
Name
glibc-minimal-langpack

glibc-minimal-langpack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453416  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453208 of type rpminfo_object
Name
glibc-minimal-langpack

glibc-nss-devel is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453417  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453209 of type rpminfo_object
Name
glibc-nss-devel

glibc-nss-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453418  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453209 of type rpminfo_object
Name
glibc-nss-devel

glibc-static is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453419  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453210 of type rpminfo_object
Name
glibc-static

glibc-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453420  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453210 of type rpminfo_object
Name
glibc-static

glibc-utils is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453421  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453211 of type rpminfo_object
Name
glibc-utils

glibc-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453422  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453211 of type rpminfo_object
Name
glibc-utils

libnsl is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453423  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453212 of type rpminfo_object
Name
libnsl

libnsl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453424  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453212 of type rpminfo_object
Name
libnsl

nscd is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453425  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453213 of type rpminfo_object
Name
nscd

nscd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453426  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453213 of type rpminfo_object
Name
nscd

nss_db is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453427  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453214 of type rpminfo_object
Name
nss_db

nss_db is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453428  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453214 of type rpminfo_object
Name
nss_db

nss_hesiod is earlier than 0:2.34-60.el9_2.7  oval:com.redhat.rhsa:tst:20235453429  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453215 of type rpminfo_object
Name
nss_hesiod

nss_hesiod is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235453430  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235453215 of type rpminfo_object
Name
nss_hesiod
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235435
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:115.3.1-1.el9_2  oval:com.redhat.rhsa:tst:20235435001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235434
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:115.3.1-1.el9_2  oval:com.redhat.rhsa:tst:20235434001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:115.3.1-1.el9_2  oval:com.redhat.rhsa:tst:20235434003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235363
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:18 is enabled  oval:com.redhat.rhsa:tst:20228832017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:18.17.1-1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:18.17.1-1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:18.17.1-1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:18.17.1-1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:3.0.1-1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:9.6.7-1.18.17.1.1.module+el9.2.0.z+19753+58118bc0  oval:com.redhat.rhsa:tst:20235363015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235313
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

open-vm-tools is earlier than 0:12.1.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20235313001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is earlier than 0:12.1.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20235313003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-salt-minion is earlier than 0:12.1.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20235313005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233948003 of type rpminfo_object
Name
open-vm-tools-salt-minion

open-vm-tools-salt-minion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233948006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233948003 of type rpminfo_object
Name
open-vm-tools-salt-minion

open-vm-tools-sdmp is earlier than 0:12.1.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20235313007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-sdmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-test is earlier than 0:12.1.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20235313009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test

open-vm-tools-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235224
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.15.1-1.el9_2  oval:com.redhat.rhsa:tst:20235224001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235214
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libwebp is earlier than 0:1.2.0-7.el9_2  oval:com.redhat.rhsa:tst:20235214001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwebpaarch64(none)8.el9_31.2.00:1.2.0-8.el9_3199e2f91fd431d51libwebp-0:1.2.0-8.el9_3.aarch64

libwebp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232078002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwebpaarch64(none)8.el9_31.2.00:1.2.0-8.el9_3199e2f91fd431d51libwebp-0:1.2.0-8.el9_3.aarch64

libwebp-devel is earlier than 0:1.2.0-7.el9_2  oval:com.redhat.rhsa:tst:20235214003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232078002 of type rpminfo_object
Name
libwebp-devel

libwebp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232078004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232078002 of type rpminfo_object
Name
libwebp-devel

libwebp-tools is earlier than 0:1.2.0-7.el9_2  oval:com.redhat.rhsa:tst:20235214005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235214003 of type rpminfo_object
Name
libwebp-tools

libwebp-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235214006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235214003 of type rpminfo_object
Name
libwebp-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235200
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.15.1-1.el9_2  oval:com.redhat.rhsa:tst:20235200001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.15.1-1.el9_2  oval:com.redhat.rhsa:tst:20235200003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235194
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

frr is earlier than 0:8.3.1-5.el9_2.2  oval:com.redhat.rhsa:tst:20235194001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228112002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr-selinux is earlier than 0:8.3.1-5.el9_2.2  oval:com.redhat.rhsa:tst:20235194003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux

frr-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232202004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235146
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.111-1.el9_2  oval:com.redhat.rhsa:tst:20235146013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.111-1.el9_2  oval:com.redhat.rhsa:tst:20235146015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.11-1.el9_2  oval:com.redhat.rhsa:tst:20235146017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.111-1.el9_2  oval:com.redhat.rhsa:tst:20235146019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.111-1.el9_2  oval:com.redhat.rhsa:tst:20235146021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235143
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.22-1.el9_2  oval:com.redhat.rhsa:tst:20235143001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.22-1.el9_2  oval:com.redhat.rhsa:tst:20235143003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.22-1.el9_2  oval:com.redhat.rhsa:tst:20235143005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.22-1.el9_2  oval:com.redhat.rhsa:tst:20235143007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.22-1.el9_2  oval:com.redhat.rhsa:tst:20235143009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.122-1.el9_2  oval:com.redhat.rhsa:tst:20235143011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.122-1.el9_2  oval:com.redhat.rhsa:tst:20235143013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.22-1.el9_2  oval:com.redhat.rhsa:tst:20235143015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.122-1.el9_2  oval:com.redhat.rhsa:tst:20235143017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235094
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qemu-guest-agent is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-guest-agent is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-img is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-img is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-kvm is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm-audio-pa is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-audio-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-block-curl is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-rbd is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-block-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-common is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-core is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-device-display-virtio-gpu is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu-ccw is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-ccw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-pci is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-vga is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-usb-host is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-redirect is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-device-usb-redirect is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-docs is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-tools is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-ui-egl-headless is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-egl-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-opengl is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-kvm-ui-opengl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-pr-helper is earlier than 17:7.2.0-14.el9_2.5  oval:com.redhat.rhsa:tst:20235094037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper

qemu-pr-helper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235093
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-284.11.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20233705006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-284.11.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20235093007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235093005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20233705001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20233705003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kpatch-patch-5_14_0-284_11_1 is earlier than 0:1-5.el9_2  oval:com.redhat.rhsa:tst:20235093004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kpatch-patch-5_14_0-284_11_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233705005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kernel version 0:5.14.0-284.18.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20234380012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-284.18.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20235093013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235093005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20234380008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20234380009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380006 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_18_1

kpatch-patch-5_14_0-284_18_1 is earlier than 0:1-4.el9_2  oval:com.redhat.rhsa:tst:20235093010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380006 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_18_1

kpatch-patch-5_14_0-284_18_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234380011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380006 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_18_1

kernel version 0:5.14.0-284.25.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20235093018  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-284.25.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20235093019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235093005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20235093014  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20235093015  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235093007 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_25_1

kpatch-patch-5_14_0-284_25_1 is earlier than 0:1-3.el9_2  oval:com.redhat.rhsa:tst:20235093016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235093007 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_25_1

kpatch-patch-5_14_0-284_25_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235093017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235093007 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_25_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235091
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-284.30.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20235069097  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-284.30.1.rt14.315.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20235091030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235091017 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-core is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-core is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-extra is earlier than 0:5.14.0-284.30.1.rt14.315.el9_2  oval:com.redhat.rhsa:tst:20235091027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235081
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

librsvg2 is earlier than 0:2.50.7-1.el9_2.1  oval:com.redhat.rhsa:tst:20235081001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
librsvg2aarch64(none)2.el92.50.70:2.50.7-2.el9199e2f91fd431d51librsvg2-0:2.50.7-2.el9.aarch64

librsvg2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235081002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
librsvg2aarch64(none)2.el92.50.70:2.50.7-2.el9199e2f91fd431d51librsvg2-0:2.50.7-2.el9.aarch64

librsvg2-devel is earlier than 0:2.50.7-1.el9_2.1  oval:com.redhat.rhsa:tst:20235081003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235081002 of type rpminfo_object
Name
librsvg2-devel

librsvg2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235081004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235081002 of type rpminfo_object
Name
librsvg2-devel

librsvg2-tools is earlier than 0:2.50.7-1.el9_2.1  oval:com.redhat.rhsa:tst:20235081005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
librsvg2-toolsaarch64(none)2.el92.50.70:2.50.7-2.el9199e2f91fd431d51librsvg2-tools-0:2.50.7-2.el9.aarch64

librsvg2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235081006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
librsvg2-toolsaarch64(none)2.el92.50.70:2.50.7-2.el9199e2f91fd431d51librsvg2-tools-0:2.50.7-2.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235080
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

keylime is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444001 of type rpminfo_object
Name
keylime

keylime is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444001 of type rpminfo_object
Name
keylime

keylime-base is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444002 of type rpminfo_object
Name
keylime-base

keylime-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444002 of type rpminfo_object
Name
keylime-base

keylime-registrar is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444003 of type rpminfo_object
Name
keylime-registrar

keylime-registrar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444003 of type rpminfo_object
Name
keylime-registrar

keylime-selinux is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444004 of type rpminfo_object
Name
keylime-selinux

keylime-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444004 of type rpminfo_object
Name
keylime-selinux

keylime-tenant is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444005 of type rpminfo_object
Name
keylime-tenant

keylime-tenant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444005 of type rpminfo_object
Name
keylime-tenant

keylime-verifier is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444006 of type rpminfo_object
Name
keylime-verifier

keylime-verifier is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444006 of type rpminfo_object
Name
keylime-verifier

python3-keylime is earlier than 0:6.5.2-6.el9_2  oval:com.redhat.rhsa:tst:20235080013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444007 of type rpminfo_object
Name
python3-keylime

python3-keylime is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444007 of type rpminfo_object
Name
python3-keylime
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235071
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libcap is earlier than 0:2.48-9.el9_2  oval:com.redhat.rhsa:tst:20235071001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcapaarch64(none)9.el9_22.480:2.48-9.el9_2199e2f91fd431d51libcap-0:2.48-9.el9_2.aarch64

libcap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235071002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcapaarch64(none)9.el9_22.480:2.48-9.el9_2199e2f91fd431d51libcap-0:2.48-9.el9_2.aarch64

libcap-devel is earlier than 0:2.48-9.el9_2  oval:com.redhat.rhsa:tst:20235071003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235071002 of type rpminfo_object
Name
libcap-devel

libcap-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235071004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235071002 of type rpminfo_object
Name
libcap-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235069
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-284.30.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20235069097  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-284.30.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20235069098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20235069051 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:7.0.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-64k is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-debug is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-devel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel-matched is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-modules is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-extra is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-devel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel-matched is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-modules is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-extra is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-64k-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-abi-stablelists is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-extra is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-uki-virt is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-debug-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-devel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-headers is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-modules is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069063  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069065  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458066  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069069  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069071  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-uki-virt is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-zfcpdump is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-core is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069093  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

rtla is earlier than 0:5.14.0-284.30.1.el9_2  oval:com.redhat.rhsa:tst:20235069095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla

rtla is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235068
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

iwl100-firmware is earlier than 0:39.31.5.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl100-firmwarenoarch(none)140.el9_339.31.5.10:39.31.5.1-140.el9_3199e2f91fd431d51iwl100-firmware-0:39.31.5.1-140.el9_3.noarch

iwl100-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl100-firmwarenoarch(none)140.el9_339.31.5.10:39.31.5.1-140.el9_3199e2f91fd431d51iwl100-firmware-0:39.31.5.1-140.el9_3.noarch

iwl1000-firmware is earlier than 1:39.31.5.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl1000-firmwarenoarch1140.el9_339.31.5.11:39.31.5.1-140.el9_3199e2f91fd431d51iwl1000-firmware-1:39.31.5.1-140.el9_3.noarch

iwl1000-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl1000-firmwarenoarch1140.el9_339.31.5.11:39.31.5.1-140.el9_3199e2f91fd431d51iwl1000-firmware-1:39.31.5.1-140.el9_3.noarch

iwl105-firmware is earlier than 0:18.168.6.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl105-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl105-firmware-0:18.168.6.1-140.el9_3.noarch

iwl105-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl105-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl105-firmware-0:18.168.6.1-140.el9_3.noarch

iwl135-firmware is earlier than 0:18.168.6.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl135-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl135-firmware-0:18.168.6.1-140.el9_3.noarch

iwl135-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl135-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl135-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2000-firmware is earlier than 0:18.168.6.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2000-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2000-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2000-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2000-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2000-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2030-firmware is earlier than 0:18.168.6.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2030-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2030-firmware-0:18.168.6.1-140.el9_3.noarch

iwl2030-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl2030-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl2030-firmware-0:18.168.6.1-140.el9_3.noarch

iwl3160-firmware is earlier than 1:25.30.13.0-135.el9_2  oval:com.redhat.rhsa:tst:20235068013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl3160-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl3160-firmware-1:25.30.13.0-140.el9_3.noarch

iwl3160-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl3160-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl3160-firmware-1:25.30.13.0-140.el9_3.noarch

iwl5000-firmware is earlier than 0:8.83.5.1_1-135.el9_2  oval:com.redhat.rhsa:tst:20235068015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5000-firmwarenoarch(none)140.el9_38.83.5.1_10:8.83.5.1_1-140.el9_3199e2f91fd431d51iwl5000-firmware-0:8.83.5.1_1-140.el9_3.noarch

iwl5000-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5000-firmwarenoarch(none)140.el9_38.83.5.1_10:8.83.5.1_1-140.el9_3199e2f91fd431d51iwl5000-firmware-0:8.83.5.1_1-140.el9_3.noarch

iwl5150-firmware is earlier than 0:8.24.2.2-135.el9_2  oval:com.redhat.rhsa:tst:20235068017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5150-firmwarenoarch(none)140.el9_38.24.2.20:8.24.2.2-140.el9_3199e2f91fd431d51iwl5150-firmware-0:8.24.2.2-140.el9_3.noarch

iwl5150-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl5150-firmwarenoarch(none)140.el9_38.24.2.20:8.24.2.2-140.el9_3199e2f91fd431d51iwl5150-firmware-0:8.24.2.2-140.el9_3.noarch

iwl6000g2a-firmware is earlier than 0:18.168.6.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2a-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2a-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6000g2a-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2a-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2a-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6000g2b-firmware is earlier than 0:18.168.6.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2b-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2b-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6000g2b-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6000g2b-firmwarenoarch(none)140.el9_318.168.6.10:18.168.6.1-140.el9_3199e2f91fd431d51iwl6000g2b-firmware-0:18.168.6.1-140.el9_3.noarch

iwl6050-firmware is earlier than 0:41.28.5.1-135.el9_2  oval:com.redhat.rhsa:tst:20235068023  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6050-firmwarenoarch(none)140.el9_341.28.5.10:41.28.5.1-140.el9_3199e2f91fd431d51iwl6050-firmware-0:41.28.5.1-140.el9_3.noarch

iwl6050-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068024  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl6050-firmwarenoarch(none)140.el9_341.28.5.10:41.28.5.1-140.el9_3199e2f91fd431d51iwl6050-firmware-0:41.28.5.1-140.el9_3.noarch

iwl7260-firmware is earlier than 1:25.30.13.0-135.el9_2  oval:com.redhat.rhsa:tst:20235068025  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl7260-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl7260-firmware-1:25.30.13.0-140.el9_3.noarch

iwl7260-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068026  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
iwl7260-firmwarenoarch1140.el9_325.30.13.01:25.30.13.0-140.el9_3199e2f91fd431d51iwl7260-firmware-1:25.30.13.0-140.el9_3.noarch

libertas-sd8787-firmware is earlier than 0:20230310-135.el9_2  oval:com.redhat.rhsa:tst:20235068027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libertas-sd8787-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51libertas-sd8787-firmware-0:20230814-140.el9_3.noarch

libertas-sd8787-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068028  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libertas-sd8787-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51libertas-sd8787-firmware-0:20230814-140.el9_3.noarch

linux-firmware is earlier than 0:20230310-135.el9_2  oval:com.redhat.rhsa:tst:20235068029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-0:20230814-140.el9_3.noarch

linux-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068030  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-0:20230814-140.el9_3.noarch

linux-firmware-whence is earlier than 0:20230310-135.el9_2  oval:com.redhat.rhsa:tst:20235068031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmware-whencenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-whence-0:20230814-140.el9_3.noarch

linux-firmware-whence is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
linux-firmware-whencenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51linux-firmware-whence-0:20230814-140.el9_3.noarch

netronome-firmware is earlier than 0:20230310-135.el9_2  oval:com.redhat.rhsa:tst:20235068033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
netronome-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51netronome-firmware-0:20230814-140.el9_3.noarch

netronome-firmware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235068034  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
netronome-firmwarenoarch(none)140.el9_3202308140:20230814-140.el9_3199e2f91fd431d51netronome-firmware-0:20230814-140.el9_3.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235061
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dmidecode is earlier than 1:3.3-7.el9_2.1  oval:com.redhat.rhsa:tst:20235061001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dmidecodeaarch6411.el93.51:3.5-1.el9199e2f91fd431d51dmidecode-1:3.5-1.el9.aarch64

dmidecode is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20235061002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dmidecodeaarch6411.el93.51:3.5-1.el9199e2f91fd431d51dmidecode-1:3.5-1.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20235048
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

flac is earlier than 0:1.3.3-10.el9_2.1  oval:com.redhat.rhsa:tst:20235048001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078001 of type rpminfo_object
Name
flac

flac is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228078002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078001 of type rpminfo_object
Name
flac

flac-devel is earlier than 0:1.3.3-10.el9_2.1  oval:com.redhat.rhsa:tst:20235048003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078002 of type rpminfo_object
Name
flac-devel

flac-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228078004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078002 of type rpminfo_object
Name
flac-devel

flac-libs is earlier than 0:1.3.3-10.el9_2.1  oval:com.redhat.rhsa:tst:20235048005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flac-libsaarch64(none)10.el9_2.11.3.30:1.3.3-10.el9_2.1199e2f91fd431d51flac-libs-0:1.3.3-10.el9_2.1.aarch64

flac-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228078006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flac-libsaarch64(none)10.el9_2.11.3.30:1.3.3-10.el9_2.1199e2f91fd431d51flac-libs-0:1.3.3-10.el9_2.1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234958
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.15.0-1.el9_2  oval:com.redhat.rhsa:tst:20234958001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.15.0-1.el9_2  oval:com.redhat.rhsa:tst:20234958003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234955
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.15.0-1.el9_2  oval:com.redhat.rhsa:tst:20234955001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234838
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cups is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cupsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-1:2.3.3op2-21.el9.aarch64

cups is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cupsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-1:2.3.3op2-21.el9.aarch64

cups-client is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-clientaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-client-1:2.3.3op2-21.el9.aarch64

cups-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-clientaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-client-1:2.3.3op2-21.el9.aarch64

cups-devel is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990003 of type rpminfo_object
Name
cups-devel

cups-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990003 of type rpminfo_object
Name
cups-devel

cups-filesystem is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filesystemnoarch121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-filesystem-1:2.3.3op2-21.el9.noarch

cups-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filesystemnoarch121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-filesystem-1:2.3.3op2-21.el9.noarch

cups-ipptool is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-ipptoolaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-ipptool-1:2.3.3op2-21.el9.aarch64

cups-ipptool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-ipptoolaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-ipptool-1:2.3.3op2-21.el9.aarch64

cups-libs is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-libsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-libs-1:2.3.3op2-21.el9.aarch64

cups-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-libsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-libs-1:2.3.3op2-21.el9.aarch64

cups-lpd is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990007 of type rpminfo_object
Name
cups-lpd

cups-lpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990007 of type rpminfo_object
Name
cups-lpd

cups-printerapp is earlier than 1:2.3.3op2-16.el9_2.1  oval:com.redhat.rhsa:tst:20234838015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990008 of type rpminfo_object
Name
cups-printerapp

cups-printerapp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990008 of type rpminfo_object
Name
cups-printerapp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234708
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libdnf-plugin-subscription-manager is earlier than 0:1.29.33.1-2.el9_2  oval:com.redhat.rhsa:tst:20234708001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libdnf-plugin-subscription-manageraarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51libdnf-plugin-subscription-manager-0:1.29.38-1.el9_3.aarch64

libdnf-plugin-subscription-manager is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234708002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libdnf-plugin-subscription-manageraarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51libdnf-plugin-subscription-manager-0:1.29.38-1.el9_3.aarch64

python3-cloud-what is earlier than 0:1.29.33.1-2.el9_2  oval:com.redhat.rhsa:tst:20234708003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-cloud-whataarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51python3-cloud-what-0:1.29.38-1.el9_3.aarch64

python3-cloud-what is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234708004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-cloud-whataarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51python3-cloud-what-0:1.29.38-1.el9_3.aarch64

python3-subscription-manager-rhsm is earlier than 0:1.29.33.1-2.el9_2  oval:com.redhat.rhsa:tst:20234708005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-subscription-manager-rhsmaarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51python3-subscription-manager-rhsm-0:1.29.38-1.el9_3.aarch64

python3-subscription-manager-rhsm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234708006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-subscription-manager-rhsmaarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51python3-subscription-manager-rhsm-0:1.29.38-1.el9_3.aarch64

subscription-manager is earlier than 0:1.29.33.1-2.el9_2  oval:com.redhat.rhsa:tst:20234708007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
subscription-manageraarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51subscription-manager-0:1.29.38-1.el9_3.aarch64

subscription-manager is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234708008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
subscription-manageraarch64(none)1.el9_31.29.380:1.29.38-1.el9_3199e2f91fd431d51subscription-manager-0:1.29.38-1.el9_3.aarch64

subscription-manager-plugin-ostree is earlier than 0:1.29.33.1-2.el9_2  oval:com.redhat.rhsa:tst:20234708009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234708005 of type rpminfo_object
Name
subscription-manager-plugin-ostree

subscription-manager-plugin-ostree is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234708010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234708005 of type rpminfo_object
Name
subscription-manager-plugin-ostree
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234644
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.21-1.el9_2  oval:com.redhat.rhsa:tst:20234644001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.21-1.el9_2  oval:com.redhat.rhsa:tst:20234644003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.21-1.el9_2  oval:com.redhat.rhsa:tst:20234644005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.21-1.el9_2  oval:com.redhat.rhsa:tst:20234644007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.21-1.el9_2  oval:com.redhat.rhsa:tst:20234644009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.121-1.el9_2  oval:com.redhat.rhsa:tst:20234644011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.121-1.el9_2  oval:com.redhat.rhsa:tst:20234644013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.21-1.el9_2  oval:com.redhat.rhsa:tst:20234644015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.121-1.el9_2  oval:com.redhat.rhsa:tst:20234644017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234642
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.110-1.el9_2  oval:com.redhat.rhsa:tst:20234642013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.110-1.el9_2  oval:com.redhat.rhsa:tst:20234642015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.10-1.el9_2  oval:com.redhat.rhsa:tst:20234642017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.110-1.el9_2  oval:com.redhat.rhsa:tst:20234642019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.110-1.el9_2  oval:com.redhat.rhsa:tst:20234642021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234634
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cargo is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634001 of type rpminfo_object
Name
cargo

cargo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634001 of type rpminfo_object
Name
cargo

clippy is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634002 of type rpminfo_object
Name
clippy

clippy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634002 of type rpminfo_object
Name
clippy

rust is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634003 of type rpminfo_object
Name
rust

rust is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634003 of type rpminfo_object
Name
rust

rust-analysis is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634004 of type rpminfo_object
Name
rust-analysis

rust-analysis is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634004 of type rpminfo_object
Name
rust-analysis

rust-analyzer is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634005 of type rpminfo_object
Name
rust-analyzer

rust-analyzer is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634005 of type rpminfo_object
Name
rust-analyzer

rust-debugger-common is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634006 of type rpminfo_object
Name
rust-debugger-common

rust-debugger-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634006 of type rpminfo_object
Name
rust-debugger-common

rust-doc is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634007 of type rpminfo_object
Name
rust-doc

rust-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634007 of type rpminfo_object
Name
rust-doc

rust-gdb is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634008 of type rpminfo_object
Name
rust-gdb

rust-gdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634008 of type rpminfo_object
Name
rust-gdb

rust-lldb is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634009 of type rpminfo_object
Name
rust-lldb

rust-lldb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634009 of type rpminfo_object
Name
rust-lldb

rust-src is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634010 of type rpminfo_object
Name
rust-src

rust-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634010 of type rpminfo_object
Name
rust-src

rust-std-static is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634011 of type rpminfo_object
Name
rust-std-static

rust-std-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634011 of type rpminfo_object
Name
rust-std-static

rust-std-static-wasm32-unknown-unknown is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634012 of type rpminfo_object
Name
rust-std-static-wasm32-unknown-unknown

rust-std-static-wasm32-unknown-unknown is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634012 of type rpminfo_object
Name
rust-std-static-wasm32-unknown-unknown

rust-std-static-wasm32-wasi is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634013 of type rpminfo_object
Name
rust-std-static-wasm32-wasi

rust-std-static-wasm32-wasi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634013 of type rpminfo_object
Name
rust-std-static-wasm32-wasi

rust-toolset is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634014 of type rpminfo_object
Name
rust-toolset

rust-toolset is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634014 of type rpminfo_object
Name
rust-toolset

rustfmt is earlier than 0:1.66.1-2.el9_2  oval:com.redhat.rhsa:tst:20234634029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634015 of type rpminfo_object
Name
rustfmt

rustfmt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234634030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234634015 of type rpminfo_object
Name
rustfmt
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234571
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

iperf3 is earlier than 0:3.9-10.el9_2  oval:com.redhat.rhsa:tst:20234571001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234571001 of type rpminfo_object
Name
iperf3

iperf3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234571002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234571001 of type rpminfo_object
Name
iperf3
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234569
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dbus is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbusaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-1:1.12.20-8.el9.aarch64

dbus is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbusaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-1:1.12.20-8.el9.aarch64

dbus-common is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-commonnoarch18.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-common-1:1.12.20-8.el9.noarch

dbus-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-commonnoarch18.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-common-1:1.12.20-8.el9.noarch

dbus-daemon is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-daemonaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-daemon-1:1.12.20-8.el9.aarch64

dbus-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-daemonaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-daemon-1:1.12.20-8.el9.aarch64

dbus-devel is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335004 of type rpminfo_object
Name
dbus-devel

dbus-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335004 of type rpminfo_object
Name
dbus-devel

dbus-libs is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-libsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-libs-1:1.12.20-8.el9.aarch64

dbus-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-libsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-libs-1:1.12.20-8.el9.aarch64

dbus-tools is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-toolsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-tools-1:1.12.20-8.el9.aarch64

dbus-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-toolsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-tools-1:1.12.20-8.el9.aarch64

dbus-x11 is earlier than 1:1.12.20-7.el9_2.1  oval:com.redhat.rhsa:tst:20234569013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335007 of type rpminfo_object
Name
dbus-x11

dbus-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335007 of type rpminfo_object
Name
dbus-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234499
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.14.0-1.el9_2  oval:com.redhat.rhsa:tst:20234499001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234462
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.14.0-1.el9_2  oval:com.redhat.rhsa:tst:20234462001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.14.0-1.el9_2  oval:com.redhat.rhsa:tst:20234462003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234412
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssh is earlier than 0:8.7p1-30.el9_2  oval:com.redhat.rhsa:tst:20234412001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensshaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-0:8.7p1-34.el9.aarch64

openssh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensshaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-0:8.7p1-34.el9.aarch64

openssh-askpass is earlier than 0:8.7p1-30.el9_2  oval:com.redhat.rhsa:tst:20234412003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645002 of type rpminfo_object
Name
openssh-askpass

openssh-askpass is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645002 of type rpminfo_object
Name
openssh-askpass

openssh-clients is earlier than 0:8.7p1-30.el9_2  oval:com.redhat.rhsa:tst:20234412005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-clientsaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-clients-0:8.7p1-34.el9.aarch64

openssh-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-clientsaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-clients-0:8.7p1-34.el9.aarch64

openssh-keycat is earlier than 0:8.7p1-30.el9_2  oval:com.redhat.rhsa:tst:20234412007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645004 of type rpminfo_object
Name
openssh-keycat

openssh-keycat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645004 of type rpminfo_object
Name
openssh-keycat

openssh-server is earlier than 0:8.7p1-30.el9_2  oval:com.redhat.rhsa:tst:20234412009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

openssh-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

pam_ssh_agent_auth is earlier than 0:0.10.4-5.30.el9_2  oval:com.redhat.rhsa:tst:20234412011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645006 of type rpminfo_object
Name
pam_ssh_agent_auth

pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645006 of type rpminfo_object
Name
pam_ssh_agent_auth
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234411
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cjose is earlier than 0:0.6.1-13.el9_2  oval:com.redhat.rhsa:tst:20234411001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234411001 of type rpminfo_object
Name
cjose

cjose is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234411002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234411001 of type rpminfo_object
Name
cjose
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234380
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-284.11.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20233705006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-284.11.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20234380007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20233705001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20233705003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kpatch-patch-5_14_0-284_11_1 is earlier than 0:1-2.el9_2  oval:com.redhat.rhsa:tst:20234380004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kpatch-patch-5_14_0-284_11_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233705005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kernel version 0:5.14.0-284.18.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20234380012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-284.18.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20234380013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20234380008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20234380009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380006 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_18_1

kpatch-patch-5_14_0-284_18_1 is earlier than 0:1-1.el9_2  oval:com.redhat.rhsa:tst:20234380010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380006 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_18_1

kpatch-patch-5_14_0-284_18_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234380011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234380006 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_18_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234378
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-284.25.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20234377095  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-284.25.1.rt14.310.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20234378030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234378017 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-core is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-core is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-extra is earlier than 0:5.14.0-284.25.1.rt14.310.el9_2  oval:com.redhat.rhsa:tst:20234378027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234377
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-284.25.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20234377095  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-284.25.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20234377096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234377050 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:7.0.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-64k is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-debug is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-devel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel-matched is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-modules is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-extra is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-devel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel-matched is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-modules is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-extra is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-64k-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-abi-stablelists is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-extra is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-uki-virt is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-debug-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-devel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-modules is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377061  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377063  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458066  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377067  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377069  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-uki-virt is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-zfcpdump is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-core is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377091  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

rtla is earlier than 0:5.14.0-284.25.1.el9_2  oval:com.redhat.rhsa:tst:20234377093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla

rtla is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234354
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-23.el9_2.2  oval:com.redhat.rhsa:tst:20234354001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-23.el9_2.2  oval:com.redhat.rhsa:tst:20234354003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-23.el9_2.2  oval:com.redhat.rhsa:tst:20234354005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-23.el9_2.2  oval:com.redhat.rhsa:tst:20234354007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-23.el9_2.2  oval:com.redhat.rhsa:tst:20234354009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234350
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-requests is earlier than 0:2.25.1-7.el9_2  oval:com.redhat.rhsa:tst:20234350001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-requestsnoarch(none)7.el9_22.25.10:2.25.1-7.el9_2199e2f91fd431d51python3-requests-0:2.25.1-7.el9_2.noarch

python3-requests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234350002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-requestsnoarch(none)7.el9_22.25.10:2.25.1-7.el9_2199e2f91fd431d51python3-requests-0:2.25.1-7.el9_2.noarch

python3-requests+security is earlier than 0:2.25.1-7.el9_2  oval:com.redhat.rhsa:tst:20234350003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234350002 of type rpminfo_object
Name
python3-requests+security

python3-requests+security is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234350004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234350002 of type rpminfo_object
Name
python3-requests+security

python3-requests+socks is earlier than 0:2.25.1-7.el9_2  oval:com.redhat.rhsa:tst:20234350005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234350003 of type rpminfo_object
Name
python3-requests+socks

python3-requests+socks is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234350006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234350003 of type rpminfo_object
Name
python3-requests+socks
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234349
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libxml2 is earlier than 0:2.9.13-3.el9_2.1  oval:com.redhat.rhsa:tst:20234349001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2-devel is earlier than 0:2.9.13-3.el9_2.1  oval:com.redhat.rhsa:tst:20234349003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

libxml2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

python3-libxml2 is earlier than 0:2.9.13-3.el9_2.1  oval:com.redhat.rhsa:tst:20234349005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64

python3-libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234347
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libeconf is earlier than 0:0.4.1-3.el9_2  oval:com.redhat.rhsa:tst:20234347001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libeconfaarch64(none)3.el9_20.4.10:0.4.1-3.el9_2199e2f91fd431d51libeconf-0:0.4.1-3.el9_2.aarch64

libeconf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234347002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libeconfaarch64(none)3.el9_20.4.10:0.4.1-3.el9_2199e2f91fd431d51libeconf-0:0.4.1-3.el9_2.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234331
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs is earlier than 1:16.20.1-1.el9_2  oval:com.redhat.rhsa:tst:20234331001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.20.1-1.el9_2  oval:com.redhat.rhsa:tst:20234331003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.20.1-1.el9_2  oval:com.redhat.rhsa:tst:20234331005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.20.1-1.el9_2  oval:com.redhat.rhsa:tst:20234331007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.19.4-1.16.20.1.1.el9_2  oval:com.redhat.rhsa:tst:20234331009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234330
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:18 is enabled  oval:com.redhat.rhsa:tst:20228832017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:18.16.1-1.module+el9.2.0.z+19424+78951f07  oval:com.redhat.rhsa:tst:20234330001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:18.16.1-1.module+el9.2.0.z+19424+78951f07  oval:com.redhat.rhsa:tst:20234330003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:18.16.1-1.module+el9.2.0.z+19424+78951f07  oval:com.redhat.rhsa:tst:20234330005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:18.16.1-1.module+el9.2.0.z+19424+78951f07  oval:com.redhat.rhsa:tst:20234330007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:2.0.20-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:9.5.1-1.18.16.1.1.module+el9.2.0.z+19424+78951f07  oval:com.redhat.rhsa:tst:20234330015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234327
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module postgresql:15 is enabled  oval:com.redhat.rhsa:tst:20234327037  true

Following items have been found on the system:
PathContent
/etc/dnf/modules.d/postgresql.module[postgresql] name=postgresql stream=15 profiles=server state=enabled

pg_repack is earlier than 0:1.4.8-1.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327001 of type rpminfo_object
Name
pg_repack

pg_repack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327001 of type rpminfo_object
Name
pg_repack

pgaudit is earlier than 0:1.7.0-1.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327002 of type rpminfo_object
Name
pgaudit

pgaudit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327002 of type rpminfo_object
Name
pgaudit

postgres-decoderbufs is earlier than 0:1.9.7-1.Final.module+el9.2.0+17405+aeb9ec60  oval:com.redhat.rhsa:tst:20234327005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327003 of type rpminfo_object
Name
postgres-decoderbufs

postgres-decoderbufs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327003 of type rpminfo_object
Name
postgres-decoderbufs

postgresql is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327023  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test-rpm-macros is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327016 of type rpminfo_object
Name
postgresql-test-rpm-macros

postgresql-test-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20234327032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20234327016 of type rpminfo_object
Name
postgresql-test-rpm-macros

postgresql-upgrade is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:15.3-1.module+el9.2.0.z+19113+6f5d9d63  oval:com.redhat.rhsa:tst:20234327035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234325
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ctdb is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

ctdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

libnetapi is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi-devel is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libnetapi-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libsmbclient is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient-devel is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libsmbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libwbclient is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient-devel is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

libwbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

python3-samba is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba-dc is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-dc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-devel is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-test is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

python3-samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

samba is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba-client is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client-libs is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-client-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-common is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common-libs is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-tools is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-common-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-dc-libs is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dc-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dcerpc is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-dcerpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-devel is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-krb5-printing is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-krb5-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-ldb-ldap-modules is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-ldb-ldap-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-libs is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-pidl is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-pidl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-test is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test-libs is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-test-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-tools is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-usershares is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-usershares is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-vfs-iouring is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-vfs-iouring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-winbind is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind-clients is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-krb5-locator is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-modules is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winbind-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winexe is earlier than 0:4.17.5-103.el9_2  oval:com.redhat.rhsa:tst:20234325067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe

samba-winexe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234201
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.38.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20234201001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.38.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20234201003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.38.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20234201005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.38.5-1.el9_2.3  oval:com.redhat.rhsa:tst:20234201007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234178
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.382.b05-2.el9  oval:com.redhat.rhsa:tst:20234178033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234177
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.8.0.7-2.el9  oval:com.redhat.rhsa:tst:20234177045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234158
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.20.0.8-2.el9  oval:com.redhat.rhsa:tst:20234158045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234099
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bind is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind-chroot is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-chroot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-devel is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-dnssec-doc is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-utils is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-dnssec-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-doc is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228068012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-libs is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-license is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-utils is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

bind-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

python3-bind is earlier than 32:9.16.23-11.el9_2.1  oval:com.redhat.rhsa:tst:20234099019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind

python3-bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234071
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.13.0-2.el9_2  oval:com.redhat.rhsa:tst:20234071001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.13.0-2.el9_2  oval:com.redhat.rhsa:tst:20234071003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234064
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.13.0-2.el9_2  oval:com.redhat.rhsa:tst:20234064001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234060
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.20-1.el9_2  oval:com.redhat.rhsa:tst:20234060001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.20-1.el9_2  oval:com.redhat.rhsa:tst:20234060003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.20-1.el9_2  oval:com.redhat.rhsa:tst:20234060005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.20-1.el9_2  oval:com.redhat.rhsa:tst:20234060007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.20-1.el9_2  oval:com.redhat.rhsa:tst:20234060009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.120-1.el9_2  oval:com.redhat.rhsa:tst:20234060011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.120-1.el9_2  oval:com.redhat.rhsa:tst:20234060013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.20-1.el9_2  oval:com.redhat.rhsa:tst:20234060015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.120-1.el9_2  oval:com.redhat.rhsa:tst:20234060017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234057
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.109-1.el9_2  oval:com.redhat.rhsa:tst:20234057013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.109-1.el9_2  oval:com.redhat.rhsa:tst:20234057015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.9-1.el9_2  oval:com.redhat.rhsa:tst:20234057017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.109-1.el9_2  oval:com.redhat.rhsa:tst:20234057019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.109-1.el9_2  oval:com.redhat.rhsa:tst:20234057021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20234030
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana is earlier than 0:9.0.9-3.el9_2  oval:com.redhat.rhsa:tst:20234030001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana

grafana is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225716002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233948
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

open-vm-tools is earlier than 0:12.1.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20233948001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is earlier than 0:12.1.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20233948003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-salt-minion is earlier than 0:12.1.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20233948005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233948003 of type rpminfo_object
Name
open-vm-tools-salt-minion

open-vm-tools-salt-minion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233948006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233948003 of type rpminfo_object
Name
open-vm-tools-salt-minion

open-vm-tools-sdmp is earlier than 0:12.1.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20233948007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-sdmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-test is earlier than 0:12.1.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20233948009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test

open-vm-tools-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233923
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang-bin is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-bin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-docs is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-misc is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-misc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-race is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-race is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-src is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-tests is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

golang-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

go-toolset is earlier than 0:1.19.10-1.el9_2  oval:com.redhat.rhsa:tst:20233923015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225799008 of type rpminfo_object
Name
go-toolset

go-toolset is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225799016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225799008 of type rpminfo_object
Name
go-toolset
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233725
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

less is earlier than 0:590-2.el9_2  oval:com.redhat.rhsa:tst:20233725001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lessaarch64(none)2.el9_25900:590-2.el9_2199e2f91fd431d51less-0:590-2.el9_2.aarch64

less is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233725002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lessaarch64(none)2.el9_25900:590-2.el9_2199e2f91fd431d51less-0:590-2.el9_2.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233723
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-284.18.1.rt14.303.el9_2 is currently running  oval:com.redhat.rhsa:tst:20233708029  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-284.18.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20233723092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233723048 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:7.0.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-64k is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-debug is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-devel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel-matched is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-modules is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-extra is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-devel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel-matched is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-modules is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-extra is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-64k-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-abi-stablelists is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-debug is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-extra is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-uki-virt is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-debug-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-devel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-modules is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723057  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723059  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458066  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723063  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723065  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-uki-virt is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-zfcpdump is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-core is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723087  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

rtla is earlier than 0:5.14.0-284.18.1.el9_2  oval:com.redhat.rhsa:tst:20233723089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla

rtla is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233722
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssl is earlier than 1:3.0.7-16.el9_2  oval:com.redhat.rhsa:tst:20233722001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl-devel is earlier than 1:3.0.7-16.el9_2  oval:com.redhat.rhsa:tst:20233722003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-libs is earlier than 1:3.0.7-16.el9_2  oval:com.redhat.rhsa:tst:20233722005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-perl is earlier than 1:3.0.7-16.el9_2  oval:com.redhat.rhsa:tst:20233722007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl

openssl-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233715
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libvirt is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003001 of type rpminfo_object
Name
libvirt

libvirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003001 of type rpminfo_object
Name
libvirt

libvirt-client is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003002 of type rpminfo_object
Name
libvirt-client

libvirt-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003002 of type rpminfo_object
Name
libvirt-client

libvirt-client-qemu is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233715003 of type rpminfo_object
Name
libvirt-client-qemu

libvirt-client-qemu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233715006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233715003 of type rpminfo_object
Name
libvirt-client-qemu

libvirt-daemon is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003003 of type rpminfo_object
Name
libvirt-daemon

libvirt-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003003 of type rpminfo_object
Name
libvirt-daemon

libvirt-daemon-config-network is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003004 of type rpminfo_object
Name
libvirt-daemon-config-network

libvirt-daemon-config-network is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003004 of type rpminfo_object
Name
libvirt-daemon-config-network

libvirt-daemon-config-nwfilter is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003005 of type rpminfo_object
Name
libvirt-daemon-config-nwfilter

libvirt-daemon-config-nwfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003005 of type rpminfo_object
Name
libvirt-daemon-config-nwfilter

libvirt-daemon-driver-interface is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003006 of type rpminfo_object
Name
libvirt-daemon-driver-interface

libvirt-daemon-driver-interface is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003006 of type rpminfo_object
Name
libvirt-daemon-driver-interface

libvirt-daemon-driver-network is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003007 of type rpminfo_object
Name
libvirt-daemon-driver-network

libvirt-daemon-driver-network is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003007 of type rpminfo_object
Name
libvirt-daemon-driver-network

libvirt-daemon-driver-nodedev is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003008 of type rpminfo_object
Name
libvirt-daemon-driver-nodedev

libvirt-daemon-driver-nodedev is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003008 of type rpminfo_object
Name
libvirt-daemon-driver-nodedev

libvirt-daemon-driver-nwfilter is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003009 of type rpminfo_object
Name
libvirt-daemon-driver-nwfilter

libvirt-daemon-driver-nwfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003009 of type rpminfo_object
Name
libvirt-daemon-driver-nwfilter

libvirt-daemon-driver-qemu is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003010 of type rpminfo_object
Name
libvirt-daemon-driver-qemu

libvirt-daemon-driver-qemu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003010 of type rpminfo_object
Name
libvirt-daemon-driver-qemu

libvirt-daemon-driver-secret is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003011 of type rpminfo_object
Name
libvirt-daemon-driver-secret

libvirt-daemon-driver-secret is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003011 of type rpminfo_object
Name
libvirt-daemon-driver-secret

libvirt-daemon-driver-storage is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003012 of type rpminfo_object
Name
libvirt-daemon-driver-storage

libvirt-daemon-driver-storage is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003012 of type rpminfo_object
Name
libvirt-daemon-driver-storage

libvirt-daemon-driver-storage-core is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003013 of type rpminfo_object
Name
libvirt-daemon-driver-storage-core

libvirt-daemon-driver-storage-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003013 of type rpminfo_object
Name
libvirt-daemon-driver-storage-core

libvirt-daemon-driver-storage-disk is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003014 of type rpminfo_object
Name
libvirt-daemon-driver-storage-disk

libvirt-daemon-driver-storage-disk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003014 of type rpminfo_object
Name
libvirt-daemon-driver-storage-disk

libvirt-daemon-driver-storage-iscsi is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003015 of type rpminfo_object
Name
libvirt-daemon-driver-storage-iscsi

libvirt-daemon-driver-storage-iscsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003015 of type rpminfo_object
Name
libvirt-daemon-driver-storage-iscsi

libvirt-daemon-driver-storage-logical is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003016 of type rpminfo_object
Name
libvirt-daemon-driver-storage-logical

libvirt-daemon-driver-storage-logical is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003016 of type rpminfo_object
Name
libvirt-daemon-driver-storage-logical

libvirt-daemon-driver-storage-mpath is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003017 of type rpminfo_object
Name
libvirt-daemon-driver-storage-mpath

libvirt-daemon-driver-storage-mpath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003017 of type rpminfo_object
Name
libvirt-daemon-driver-storage-mpath

libvirt-daemon-driver-storage-rbd is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003018 of type rpminfo_object
Name
libvirt-daemon-driver-storage-rbd

libvirt-daemon-driver-storage-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003018 of type rpminfo_object
Name
libvirt-daemon-driver-storage-rbd

libvirt-daemon-driver-storage-scsi is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003019 of type rpminfo_object
Name
libvirt-daemon-driver-storage-scsi

libvirt-daemon-driver-storage-scsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003019 of type rpminfo_object
Name
libvirt-daemon-driver-storage-scsi

libvirt-daemon-kvm is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003020 of type rpminfo_object
Name
libvirt-daemon-kvm

libvirt-daemon-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003020 of type rpminfo_object
Name
libvirt-daemon-kvm

libvirt-devel is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003021 of type rpminfo_object
Name
libvirt-devel

libvirt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003021 of type rpminfo_object
Name
libvirt-devel

libvirt-docs is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003022 of type rpminfo_object
Name
libvirt-docs

libvirt-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003022 of type rpminfo_object
Name
libvirt-docs

libvirt-libs is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003023 of type rpminfo_object
Name
libvirt-libs

libvirt-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003023 of type rpminfo_object
Name
libvirt-libs

libvirt-lock-sanlock is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003024 of type rpminfo_object
Name
libvirt-lock-sanlock

libvirt-lock-sanlock is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003024 of type rpminfo_object
Name
libvirt-lock-sanlock

libvirt-nss is earlier than 0:9.0.0-10.2.el9_2  oval:com.redhat.rhsa:tst:20233715051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003025 of type rpminfo_object
Name
libvirt-nss

libvirt-nss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003025 of type rpminfo_object
Name
libvirt-nss
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233714
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-upgrade is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:13.11-1.el9_2  oval:com.redhat.rhsa:tst:20233714027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233711
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtiff is earlier than 0:4.4.0-8.el9_2  oval:com.redhat.rhsa:tst:20233711001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff-devel is earlier than 0:4.4.0-8.el9_2  oval:com.redhat.rhsa:tst:20233711003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-tools is earlier than 0:4.4.0-8.el9_2  oval:com.redhat.rhsa:tst:20233711005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools

libtiff-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233708
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-284.18.1.rt14.303.el9_2 is currently running  oval:com.redhat.rhsa:tst:20233708029  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-284.18.1.rt14.303.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20233708030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233708017 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-core is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-core is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-extra is earlier than 0:5.14.0-284.18.1.rt14.303.el9_2  oval:com.redhat.rhsa:tst:20233708027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233705
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-284.11.1.el9_2 is currently running  oval:com.redhat.rhsa:tst:20233705006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-284.11.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20233705007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20233705001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20233705003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kpatch-patch-5_14_0-284_11_1 is earlier than 0:1-1.el9_2  oval:com.redhat.rhsa:tst:20233705004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1

kpatch-patch-5_14_0-284_11_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233705005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233705002 of type rpminfo_object
Name
kpatch-patch-5_14_0-284_11_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233661
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

texlive is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661001 of type rpminfo_object
Name
texlive

texlive is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661001 of type rpminfo_object
Name
texlive

texlive-adjustbox is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661002 of type rpminfo_object
Name
texlive-adjustbox

texlive-adjustbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661002 of type rpminfo_object
Name
texlive-adjustbox

texlive-ae is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661003 of type rpminfo_object
Name
texlive-ae

texlive-ae is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661003 of type rpminfo_object
Name
texlive-ae

texlive-algorithms is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661004 of type rpminfo_object
Name
texlive-algorithms

texlive-algorithms is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661004 of type rpminfo_object
Name
texlive-algorithms

texlive-alphalph is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661005 of type rpminfo_object
Name
texlive-alphalph

texlive-alphalph is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661005 of type rpminfo_object
Name
texlive-alphalph

texlive-amscls is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661006 of type rpminfo_object
Name
texlive-amscls

texlive-amscls is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661006 of type rpminfo_object
Name
texlive-amscls

texlive-amsfonts is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661007 of type rpminfo_object
Name
texlive-amsfonts

texlive-amsfonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661007 of type rpminfo_object
Name
texlive-amsfonts

texlive-amsmath is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661008 of type rpminfo_object
Name
texlive-amsmath

texlive-amsmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661008 of type rpminfo_object
Name
texlive-amsmath

texlive-anyfontsize is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661009 of type rpminfo_object
Name
texlive-anyfontsize

texlive-anyfontsize is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661009 of type rpminfo_object
Name
texlive-anyfontsize

texlive-anysize is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661010 of type rpminfo_object
Name
texlive-anysize

texlive-anysize is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661010 of type rpminfo_object
Name
texlive-anysize

texlive-appendix is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661011 of type rpminfo_object
Name
texlive-appendix

texlive-appendix is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661011 of type rpminfo_object
Name
texlive-appendix

texlive-arabxetex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661012 of type rpminfo_object
Name
texlive-arabxetex

texlive-arabxetex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661012 of type rpminfo_object
Name
texlive-arabxetex

texlive-arphic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661013 of type rpminfo_object
Name
texlive-arphic

texlive-arphic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661013 of type rpminfo_object
Name
texlive-arphic

texlive-atbegshi is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661014 of type rpminfo_object
Name
texlive-atbegshi

texlive-atbegshi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661014 of type rpminfo_object
Name
texlive-atbegshi

texlive-attachfile is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661015 of type rpminfo_object
Name
texlive-attachfile

texlive-attachfile is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661015 of type rpminfo_object
Name
texlive-attachfile

texlive-attachfile2 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661016 of type rpminfo_object
Name
texlive-attachfile2

texlive-attachfile2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661016 of type rpminfo_object
Name
texlive-attachfile2

texlive-atveryend is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661017 of type rpminfo_object
Name
texlive-atveryend

texlive-atveryend is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661017 of type rpminfo_object
Name
texlive-atveryend

texlive-auxhook is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661018 of type rpminfo_object
Name
texlive-auxhook

texlive-auxhook is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661018 of type rpminfo_object
Name
texlive-auxhook

texlive-avantgar is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661019 of type rpminfo_object
Name
texlive-avantgar

texlive-avantgar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661019 of type rpminfo_object
Name
texlive-avantgar

texlive-awesomebox is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661020 of type rpminfo_object
Name
texlive-awesomebox

texlive-awesomebox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661020 of type rpminfo_object
Name
texlive-awesomebox

texlive-babel is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661021 of type rpminfo_object
Name
texlive-babel

texlive-babel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661021 of type rpminfo_object
Name
texlive-babel

texlive-babel-english is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661022 of type rpminfo_object
Name
texlive-babel-english

texlive-babel-english is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661022 of type rpminfo_object
Name
texlive-babel-english

texlive-babelbib is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661023 of type rpminfo_object
Name
texlive-babelbib

texlive-babelbib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661023 of type rpminfo_object
Name
texlive-babelbib

texlive-base is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661024 of type rpminfo_object
Name
texlive-base

texlive-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661024 of type rpminfo_object
Name
texlive-base

texlive-beamer is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661025 of type rpminfo_object
Name
texlive-beamer

texlive-beamer is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661025 of type rpminfo_object
Name
texlive-beamer

texlive-bera is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661026 of type rpminfo_object
Name
texlive-bera

texlive-bera is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661026 of type rpminfo_object
Name
texlive-bera

texlive-beton is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661027 of type rpminfo_object
Name
texlive-beton

texlive-beton is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661027 of type rpminfo_object
Name
texlive-beton

texlive-bibtex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661028 of type rpminfo_object
Name
texlive-bibtex

texlive-bibtex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661028 of type rpminfo_object
Name
texlive-bibtex

texlive-bibtopic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661029 of type rpminfo_object
Name
texlive-bibtopic

texlive-bibtopic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661029 of type rpminfo_object
Name
texlive-bibtopic

texlive-bidi is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661030 of type rpminfo_object
Name
texlive-bidi

texlive-bidi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661060  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661030 of type rpminfo_object
Name
texlive-bidi

texlive-bigfoot is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661031 of type rpminfo_object
Name
texlive-bigfoot

texlive-bigfoot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661062  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661031 of type rpminfo_object
Name
texlive-bigfoot

texlive-bigintcalc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661032 of type rpminfo_object
Name
texlive-bigintcalc

texlive-bigintcalc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661064  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661032 of type rpminfo_object
Name
texlive-bigintcalc

texlive-bitset is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661033 of type rpminfo_object
Name
texlive-bitset

texlive-bitset is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661066  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661033 of type rpminfo_object
Name
texlive-bitset

texlive-bookman is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661034 of type rpminfo_object
Name
texlive-bookman

texlive-bookman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661068  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661034 of type rpminfo_object
Name
texlive-bookman

texlive-bookmark is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661035 of type rpminfo_object
Name
texlive-bookmark

texlive-bookmark is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661070  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661035 of type rpminfo_object
Name
texlive-bookmark

texlive-booktabs is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661036 of type rpminfo_object
Name
texlive-booktabs

texlive-booktabs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661072  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661036 of type rpminfo_object
Name
texlive-booktabs

texlive-breakurl is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661037 of type rpminfo_object
Name
texlive-breakurl

texlive-breakurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661074  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661037 of type rpminfo_object
Name
texlive-breakurl

texlive-breqn is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661038 of type rpminfo_object
Name
texlive-breqn

texlive-breqn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661038 of type rpminfo_object
Name
texlive-breqn

texlive-capt-of is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661039 of type rpminfo_object
Name
texlive-capt-of

texlive-capt-of is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661078  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661039 of type rpminfo_object
Name
texlive-capt-of

texlive-caption is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661040 of type rpminfo_object
Name
texlive-caption

texlive-caption is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661080  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661040 of type rpminfo_object
Name
texlive-caption

texlive-carlisle is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661041 of type rpminfo_object
Name
texlive-carlisle

texlive-carlisle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661082  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661041 of type rpminfo_object
Name
texlive-carlisle

texlive-catchfile is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661042 of type rpminfo_object
Name
texlive-catchfile

texlive-catchfile is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661084  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661042 of type rpminfo_object
Name
texlive-catchfile

texlive-changebar is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661043 of type rpminfo_object
Name
texlive-changebar

texlive-changebar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661086  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661043 of type rpminfo_object
Name
texlive-changebar

texlive-changepage is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661044 of type rpminfo_object
Name
texlive-changepage

texlive-changepage is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661044 of type rpminfo_object
Name
texlive-changepage

texlive-charter is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661045 of type rpminfo_object
Name
texlive-charter

texlive-charter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661090  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661045 of type rpminfo_object
Name
texlive-charter

texlive-chngcntr is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661046 of type rpminfo_object
Name
texlive-chngcntr

texlive-chngcntr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661046 of type rpminfo_object
Name
texlive-chngcntr

texlive-cite is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661047 of type rpminfo_object
Name
texlive-cite

texlive-cite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661094  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661047 of type rpminfo_object
Name
texlive-cite

texlive-cjk is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661048 of type rpminfo_object
Name
texlive-cjk

texlive-cjk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661048 of type rpminfo_object
Name
texlive-cjk

texlive-classpack is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661097  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661049 of type rpminfo_object
Name
texlive-classpack

texlive-classpack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661049 of type rpminfo_object
Name
texlive-classpack

texlive-cm is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661099  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661050 of type rpminfo_object
Name
texlive-cm

texlive-cm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661100  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661050 of type rpminfo_object
Name
texlive-cm

texlive-cm-lgc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661101  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661051 of type rpminfo_object
Name
texlive-cm-lgc

texlive-cm-lgc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661102  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661051 of type rpminfo_object
Name
texlive-cm-lgc

texlive-cm-super is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661103  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661052 of type rpminfo_object
Name
texlive-cm-super

texlive-cm-super is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661104  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661052 of type rpminfo_object
Name
texlive-cm-super

texlive-cmap is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661105  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661053 of type rpminfo_object
Name
texlive-cmap

texlive-cmap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661106  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661053 of type rpminfo_object
Name
texlive-cmap

texlive-cmextra is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661107  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661054 of type rpminfo_object
Name
texlive-cmextra

texlive-cmextra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661108  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661054 of type rpminfo_object
Name
texlive-cmextra

texlive-cns is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661109  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661055 of type rpminfo_object
Name
texlive-cns

texlive-cns is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661110  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661055 of type rpminfo_object
Name
texlive-cns

texlive-collectbox is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661111  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661056 of type rpminfo_object
Name
texlive-collectbox

texlive-collectbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661112  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661056 of type rpminfo_object
Name
texlive-collectbox

texlive-collection-basic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661113  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661057 of type rpminfo_object
Name
texlive-collection-basic

texlive-collection-basic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661114  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661057 of type rpminfo_object
Name
texlive-collection-basic

texlive-collection-fontsrecommended is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661115  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661058 of type rpminfo_object
Name
texlive-collection-fontsrecommended

texlive-collection-fontsrecommended is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661116  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661058 of type rpminfo_object
Name
texlive-collection-fontsrecommended

texlive-collection-htmlxml is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661117  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661059 of type rpminfo_object
Name
texlive-collection-htmlxml

texlive-collection-htmlxml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661118  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661059 of type rpminfo_object
Name
texlive-collection-htmlxml

texlive-collection-latex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661119  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661060 of type rpminfo_object
Name
texlive-collection-latex

texlive-collection-latex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661120  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661060 of type rpminfo_object
Name
texlive-collection-latex

texlive-collection-latexrecommended is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661121  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661061 of type rpminfo_object
Name
texlive-collection-latexrecommended

texlive-collection-latexrecommended is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661122  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661061 of type rpminfo_object
Name
texlive-collection-latexrecommended

texlive-collection-xetex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661123  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661062 of type rpminfo_object
Name
texlive-collection-xetex

texlive-collection-xetex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661124  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661062 of type rpminfo_object
Name
texlive-collection-xetex

texlive-colorprofiles is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661125  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661063 of type rpminfo_object
Name
texlive-colorprofiles

texlive-colorprofiles is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661126  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661063 of type rpminfo_object
Name
texlive-colorprofiles

texlive-colortbl is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661127  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661064 of type rpminfo_object
Name
texlive-colortbl

texlive-colortbl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661128  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661064 of type rpminfo_object
Name
texlive-colortbl

texlive-context is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661129  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661065 of type rpminfo_object
Name
texlive-context

texlive-context is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661130  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661065 of type rpminfo_object
Name
texlive-context

texlive-courier is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661131  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661066 of type rpminfo_object
Name
texlive-courier

texlive-courier is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661132  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661066 of type rpminfo_object
Name
texlive-courier

texlive-crop is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661133  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661067 of type rpminfo_object
Name
texlive-crop

texlive-crop is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661134  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661067 of type rpminfo_object
Name
texlive-crop

texlive-csquotes is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661135  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661068 of type rpminfo_object
Name
texlive-csquotes

texlive-csquotes is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661136  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661068 of type rpminfo_object
Name
texlive-csquotes

texlive-ctable is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661137  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661069 of type rpminfo_object
Name
texlive-ctable

texlive-ctable is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661138  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661069 of type rpminfo_object
Name
texlive-ctable

texlive-ctablestack is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661139  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661070 of type rpminfo_object
Name
texlive-ctablestack

texlive-ctablestack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661140  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661070 of type rpminfo_object
Name
texlive-ctablestack

texlive-currfile is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661141  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661071 of type rpminfo_object
Name
texlive-currfile

texlive-currfile is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661142  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661071 of type rpminfo_object
Name
texlive-currfile

texlive-datetime is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661143  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661072 of type rpminfo_object
Name
texlive-datetime

texlive-datetime is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661144  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661072 of type rpminfo_object
Name
texlive-datetime

texlive-dehyph is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661145  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661073 of type rpminfo_object
Name
texlive-dehyph

texlive-dehyph is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661146  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661073 of type rpminfo_object
Name
texlive-dehyph

texlive-dvipdfmx is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661147  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661074 of type rpminfo_object
Name
texlive-dvipdfmx

texlive-dvipdfmx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661148  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661074 of type rpminfo_object
Name
texlive-dvipdfmx

texlive-dvipng is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661149  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661075 of type rpminfo_object
Name
texlive-dvipng

texlive-dvipng is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661150  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661075 of type rpminfo_object
Name
texlive-dvipng

texlive-dvips is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661151  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661076 of type rpminfo_object
Name
texlive-dvips

texlive-dvips is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661152  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661076 of type rpminfo_object
Name
texlive-dvips

texlive-dvisvgm is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661153  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661077 of type rpminfo_object
Name
texlive-dvisvgm

texlive-dvisvgm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661154  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661077 of type rpminfo_object
Name
texlive-dvisvgm

texlive-ec is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661155  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661078 of type rpminfo_object
Name
texlive-ec

texlive-ec is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661156  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661078 of type rpminfo_object
Name
texlive-ec

texlive-eepic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661157  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661079 of type rpminfo_object
Name
texlive-eepic

texlive-eepic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661158  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661079 of type rpminfo_object
Name
texlive-eepic

texlive-enctex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661159  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661080 of type rpminfo_object
Name
texlive-enctex

texlive-enctex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661160  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661080 of type rpminfo_object
Name
texlive-enctex

texlive-enumitem is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661161  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661081 of type rpminfo_object
Name
texlive-enumitem

texlive-enumitem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661162  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661081 of type rpminfo_object
Name
texlive-enumitem

texlive-environ is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661163  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661082 of type rpminfo_object
Name
texlive-environ

texlive-environ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661164  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661082 of type rpminfo_object
Name
texlive-environ

texlive-epsf is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661165  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661083 of type rpminfo_object
Name
texlive-epsf

texlive-epsf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661166  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661083 of type rpminfo_object
Name
texlive-epsf

texlive-epstopdf is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661167  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661084 of type rpminfo_object
Name
texlive-epstopdf

texlive-epstopdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661168  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661084 of type rpminfo_object
Name
texlive-epstopdf

texlive-epstopdf-pkg is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661169  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661085 of type rpminfo_object
Name
texlive-epstopdf-pkg

texlive-epstopdf-pkg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661170  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661085 of type rpminfo_object
Name
texlive-epstopdf-pkg

texlive-eqparbox is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661171  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661086 of type rpminfo_object
Name
texlive-eqparbox

texlive-eqparbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661172  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661086 of type rpminfo_object
Name
texlive-eqparbox

texlive-eso-pic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661173  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661087 of type rpminfo_object
Name
texlive-eso-pic

texlive-eso-pic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661174  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661087 of type rpminfo_object
Name
texlive-eso-pic

texlive-etex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661175  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661088 of type rpminfo_object
Name
texlive-etex

texlive-etex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661176  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661088 of type rpminfo_object
Name
texlive-etex

texlive-etex-pkg is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661177  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661089 of type rpminfo_object
Name
texlive-etex-pkg

texlive-etex-pkg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661178  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661089 of type rpminfo_object
Name
texlive-etex-pkg

texlive-etexcmds is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661179  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661090 of type rpminfo_object
Name
texlive-etexcmds

texlive-etexcmds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661180  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661090 of type rpminfo_object
Name
texlive-etexcmds

texlive-etoc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661181  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661091 of type rpminfo_object
Name
texlive-etoc

texlive-etoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661182  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661091 of type rpminfo_object
Name
texlive-etoc

texlive-etoolbox is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661183  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661092 of type rpminfo_object
Name
texlive-etoolbox

texlive-etoolbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661184  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661092 of type rpminfo_object
Name
texlive-etoolbox

texlive-euenc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661185  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661093 of type rpminfo_object
Name
texlive-euenc

texlive-euenc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661186  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661093 of type rpminfo_object
Name
texlive-euenc

texlive-euler is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661187  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661094 of type rpminfo_object
Name
texlive-euler

texlive-euler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661188  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661094 of type rpminfo_object
Name
texlive-euler

texlive-euro is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661189  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661095 of type rpminfo_object
Name
texlive-euro

texlive-euro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661190  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661095 of type rpminfo_object
Name
texlive-euro

texlive-eurosym is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661191  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661096 of type rpminfo_object
Name
texlive-eurosym

texlive-eurosym is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661192  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661096 of type rpminfo_object
Name
texlive-eurosym

texlive-extsizes is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661193  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661097 of type rpminfo_object
Name
texlive-extsizes

texlive-extsizes is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661194  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661097 of type rpminfo_object
Name
texlive-extsizes

texlive-fancybox is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661195  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661098 of type rpminfo_object
Name
texlive-fancybox

texlive-fancybox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661196  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661098 of type rpminfo_object
Name
texlive-fancybox

texlive-fancyhdr is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661197  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661099 of type rpminfo_object
Name
texlive-fancyhdr

texlive-fancyhdr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661198  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661099 of type rpminfo_object
Name
texlive-fancyhdr

texlive-fancyref is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661199  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661100 of type rpminfo_object
Name
texlive-fancyref

texlive-fancyref is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661200  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661100 of type rpminfo_object
Name
texlive-fancyref

texlive-fancyvrb is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661201  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661101 of type rpminfo_object
Name
texlive-fancyvrb

texlive-fancyvrb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661202  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661101 of type rpminfo_object
Name
texlive-fancyvrb

texlive-filecontents is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661203  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661102 of type rpminfo_object
Name
texlive-filecontents

texlive-filecontents is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661204  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661102 of type rpminfo_object
Name
texlive-filecontents

texlive-filehook is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661205  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661103 of type rpminfo_object
Name
texlive-filehook

texlive-filehook is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661206  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661103 of type rpminfo_object
Name
texlive-filehook

texlive-finstrut is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661207  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661104 of type rpminfo_object
Name
texlive-finstrut

texlive-finstrut is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661208  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661104 of type rpminfo_object
Name
texlive-finstrut

texlive-fix2col is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661209  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661105 of type rpminfo_object
Name
texlive-fix2col

texlive-fix2col is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661210  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661105 of type rpminfo_object
Name
texlive-fix2col

texlive-fixlatvian is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661211  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661106 of type rpminfo_object
Name
texlive-fixlatvian

texlive-fixlatvian is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661212  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661106 of type rpminfo_object
Name
texlive-fixlatvian

texlive-float is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661213  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661107 of type rpminfo_object
Name
texlive-float

texlive-float is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661214  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661107 of type rpminfo_object
Name
texlive-float

texlive-fmtcount is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661215  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661108 of type rpminfo_object
Name
texlive-fmtcount

texlive-fmtcount is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661216  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661108 of type rpminfo_object
Name
texlive-fmtcount

texlive-fncychap is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661217  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661109 of type rpminfo_object
Name
texlive-fncychap

texlive-fncychap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661218  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661109 of type rpminfo_object
Name
texlive-fncychap

texlive-fontawesome is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661219  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661110 of type rpminfo_object
Name
texlive-fontawesome

texlive-fontawesome is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661220  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661110 of type rpminfo_object
Name
texlive-fontawesome

texlive-fontbook is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661221  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661111 of type rpminfo_object
Name
texlive-fontbook

texlive-fontbook is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661222  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661111 of type rpminfo_object
Name
texlive-fontbook

texlive-fonts-tlwg is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661223  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661112 of type rpminfo_object
Name
texlive-fonts-tlwg

texlive-fonts-tlwg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661224  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661112 of type rpminfo_object
Name
texlive-fonts-tlwg

texlive-fontspec is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661225  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661113 of type rpminfo_object
Name
texlive-fontspec

texlive-fontspec is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661226  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661113 of type rpminfo_object
Name
texlive-fontspec

texlive-fontware is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661227  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661114 of type rpminfo_object
Name
texlive-fontware

texlive-fontware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661228  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661114 of type rpminfo_object
Name
texlive-fontware

texlive-fontwrap is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661229  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661115 of type rpminfo_object
Name
texlive-fontwrap

texlive-fontwrap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661230  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661115 of type rpminfo_object
Name
texlive-fontwrap

texlive-footmisc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661231  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661116 of type rpminfo_object
Name
texlive-footmisc

texlive-footmisc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661232  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661116 of type rpminfo_object
Name
texlive-footmisc

texlive-footnotehyper is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661233  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661117 of type rpminfo_object
Name
texlive-footnotehyper

texlive-footnotehyper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661234  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661117 of type rpminfo_object
Name
texlive-footnotehyper

texlive-fp is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661235  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661118 of type rpminfo_object
Name
texlive-fp

texlive-fp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661236  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661118 of type rpminfo_object
Name
texlive-fp

texlive-fpl is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661237  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661119 of type rpminfo_object
Name
texlive-fpl

texlive-fpl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661238  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661119 of type rpminfo_object
Name
texlive-fpl

texlive-framed is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661239  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661120 of type rpminfo_object
Name
texlive-framed

texlive-framed is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661240  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661120 of type rpminfo_object
Name
texlive-framed

texlive-garuda-c90 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661241  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661121 of type rpminfo_object
Name
texlive-garuda-c90

texlive-garuda-c90 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661242  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661121 of type rpminfo_object
Name
texlive-garuda-c90

texlive-geometry is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661243  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661122 of type rpminfo_object
Name
texlive-geometry

texlive-geometry is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661244  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661122 of type rpminfo_object
Name
texlive-geometry

texlive-gettitlestring is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661245  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661123 of type rpminfo_object
Name
texlive-gettitlestring

texlive-gettitlestring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661246  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661123 of type rpminfo_object
Name
texlive-gettitlestring

texlive-glyphlist is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661247  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661124 of type rpminfo_object
Name
texlive-glyphlist

texlive-glyphlist is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661248  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661124 of type rpminfo_object
Name
texlive-glyphlist

texlive-gnu-freefont is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661249  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661125 of type rpminfo_object
Name
texlive-gnu-freefont

texlive-gnu-freefont is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661250  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661125 of type rpminfo_object
Name
texlive-gnu-freefont

texlive-graphics is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661251  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661126 of type rpminfo_object
Name
texlive-graphics

texlive-graphics is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661252  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661126 of type rpminfo_object
Name
texlive-graphics

texlive-graphics-cfg is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661253  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661127 of type rpminfo_object
Name
texlive-graphics-cfg

texlive-graphics-cfg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661254  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661127 of type rpminfo_object
Name
texlive-graphics-cfg

texlive-graphics-def is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661255  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661128 of type rpminfo_object
Name
texlive-graphics-def

texlive-graphics-def is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661256  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661128 of type rpminfo_object
Name
texlive-graphics-def

texlive-grfext is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661257  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661129 of type rpminfo_object
Name
texlive-grfext

texlive-grfext is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661258  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661129 of type rpminfo_object
Name
texlive-grfext

texlive-grffile is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661259  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661130 of type rpminfo_object
Name
texlive-grffile

texlive-grffile is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661260  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661130 of type rpminfo_object
Name
texlive-grffile

texlive-gsftopk is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661261  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661131 of type rpminfo_object
Name
texlive-gsftopk

texlive-gsftopk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661262  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661131 of type rpminfo_object
Name
texlive-gsftopk

texlive-hanging is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661263  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661132 of type rpminfo_object
Name
texlive-hanging

texlive-hanging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661264  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661132 of type rpminfo_object
Name
texlive-hanging

texlive-helvetic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661265  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661133 of type rpminfo_object
Name
texlive-helvetic

texlive-helvetic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661266  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661133 of type rpminfo_object
Name
texlive-helvetic

texlive-hobsub is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661267  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661134 of type rpminfo_object
Name
texlive-hobsub

texlive-hobsub is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661268  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661134 of type rpminfo_object
Name
texlive-hobsub

texlive-hologo is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661269  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661135 of type rpminfo_object
Name
texlive-hologo

texlive-hologo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661270  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661135 of type rpminfo_object
Name
texlive-hologo

texlive-hycolor is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661271  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661136 of type rpminfo_object
Name
texlive-hycolor

texlive-hycolor is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661272  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661136 of type rpminfo_object
Name
texlive-hycolor

texlive-hyperref is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661273  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661137 of type rpminfo_object
Name
texlive-hyperref

texlive-hyperref is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661274  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661137 of type rpminfo_object
Name
texlive-hyperref

texlive-hyph-utf8 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661275  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661138 of type rpminfo_object
Name
texlive-hyph-utf8

texlive-hyph-utf8 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661276  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661138 of type rpminfo_object
Name
texlive-hyph-utf8

texlive-hyphen-base is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661277  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661139 of type rpminfo_object
Name
texlive-hyphen-base

texlive-hyphen-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661278  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661139 of type rpminfo_object
Name
texlive-hyphen-base

texlive-hyphenat is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661279  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661140 of type rpminfo_object
Name
texlive-hyphenat

texlive-hyphenat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661280  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661140 of type rpminfo_object
Name
texlive-hyphenat

texlive-hyphenex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661281  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661141 of type rpminfo_object
Name
texlive-hyphenex

texlive-hyphenex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661282  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661141 of type rpminfo_object
Name
texlive-hyphenex

texlive-ifmtarg is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661283  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661142 of type rpminfo_object
Name
texlive-ifmtarg

texlive-ifmtarg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661284  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661142 of type rpminfo_object
Name
texlive-ifmtarg

texlive-ifoddpage is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661285  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661143 of type rpminfo_object
Name
texlive-ifoddpage

texlive-ifoddpage is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661286  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661143 of type rpminfo_object
Name
texlive-ifoddpage

texlive-ifplatform is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661287  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661144 of type rpminfo_object
Name
texlive-ifplatform

texlive-ifplatform is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661288  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661144 of type rpminfo_object
Name
texlive-ifplatform

texlive-iftex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661289  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661145 of type rpminfo_object
Name
texlive-iftex

texlive-iftex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661290  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661145 of type rpminfo_object
Name
texlive-iftex

texlive-import is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661291  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661146 of type rpminfo_object
Name
texlive-import

texlive-import is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661292  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661146 of type rpminfo_object
Name
texlive-import

texlive-index is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661293  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661147 of type rpminfo_object
Name
texlive-index

texlive-index is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661294  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661147 of type rpminfo_object
Name
texlive-index

texlive-infwarerr is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661295  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661148 of type rpminfo_object
Name
texlive-infwarerr

texlive-infwarerr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661296  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661148 of type rpminfo_object
Name
texlive-infwarerr

texlive-intcalc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661297  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661149 of type rpminfo_object
Name
texlive-intcalc

texlive-intcalc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661298  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661149 of type rpminfo_object
Name
texlive-intcalc

texlive-jadetex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661299  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661150 of type rpminfo_object
Name
texlive-jadetex

texlive-jadetex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661300  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661150 of type rpminfo_object
Name
texlive-jadetex

texlive-jknapltx is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661301  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661151 of type rpminfo_object
Name
texlive-jknapltx

texlive-jknapltx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661302  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661151 of type rpminfo_object
Name
texlive-jknapltx

texlive-kastrup is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661303  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661152 of type rpminfo_object
Name
texlive-kastrup

texlive-kastrup is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661304  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661152 of type rpminfo_object
Name
texlive-kastrup

texlive-kerkis is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661305  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661153 of type rpminfo_object
Name
texlive-kerkis

texlive-kerkis is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661306  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661153 of type rpminfo_object
Name
texlive-kerkis

texlive-knuth-lib is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661307  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661154 of type rpminfo_object
Name
texlive-knuth-lib

texlive-knuth-lib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661308  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661154 of type rpminfo_object
Name
texlive-knuth-lib

texlive-knuth-local is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661309  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661155 of type rpminfo_object
Name
texlive-knuth-local

texlive-knuth-local is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661310  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661155 of type rpminfo_object
Name
texlive-knuth-local

texlive-koma-script is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661311  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661156 of type rpminfo_object
Name
texlive-koma-script

texlive-koma-script is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661312  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661156 of type rpminfo_object
Name
texlive-koma-script

texlive-kpathsea is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661313  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661157 of type rpminfo_object
Name
texlive-kpathsea

texlive-kpathsea is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661314  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661157 of type rpminfo_object
Name
texlive-kpathsea

texlive-kvdefinekeys is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661315  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661158 of type rpminfo_object
Name
texlive-kvdefinekeys

texlive-kvdefinekeys is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661316  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661158 of type rpminfo_object
Name
texlive-kvdefinekeys

texlive-kvoptions is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661317  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661159 of type rpminfo_object
Name
texlive-kvoptions

texlive-kvoptions is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661318  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661159 of type rpminfo_object
Name
texlive-kvoptions

texlive-kvsetkeys is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661319  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661160 of type rpminfo_object
Name
texlive-kvsetkeys

texlive-kvsetkeys is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661320  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661160 of type rpminfo_object
Name
texlive-kvsetkeys

texlive-l3backend is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661321  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661161 of type rpminfo_object
Name
texlive-l3backend

texlive-l3backend is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661322  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661161 of type rpminfo_object
Name
texlive-l3backend

texlive-l3experimental is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661323  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661162 of type rpminfo_object
Name
texlive-l3experimental

texlive-l3experimental is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661324  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661162 of type rpminfo_object
Name
texlive-l3experimental

texlive-l3kernel is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661325  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661163 of type rpminfo_object
Name
texlive-l3kernel

texlive-l3kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661326  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661163 of type rpminfo_object
Name
texlive-l3kernel

texlive-l3packages is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661327  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661164 of type rpminfo_object
Name
texlive-l3packages

texlive-l3packages is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661328  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661164 of type rpminfo_object
Name
texlive-l3packages

texlive-lastpage is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661329  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661165 of type rpminfo_object
Name
texlive-lastpage

texlive-lastpage is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661330  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661165 of type rpminfo_object
Name
texlive-lastpage

texlive-latex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661331  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661166 of type rpminfo_object
Name
texlive-latex

texlive-latex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661332  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661166 of type rpminfo_object
Name
texlive-latex

texlive-latex-fonts is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661333  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661167 of type rpminfo_object
Name
texlive-latex-fonts

texlive-latex-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661334  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661167 of type rpminfo_object
Name
texlive-latex-fonts

texlive-latex2man is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661335  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661168 of type rpminfo_object
Name
texlive-latex2man

texlive-latex2man is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661336  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661168 of type rpminfo_object
Name
texlive-latex2man

texlive-latexbug is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661337  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661169 of type rpminfo_object
Name
texlive-latexbug

texlive-latexbug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661338  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661169 of type rpminfo_object
Name
texlive-latexbug

texlive-latexconfig is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661339  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661170 of type rpminfo_object
Name
texlive-latexconfig

texlive-latexconfig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661340  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661170 of type rpminfo_object
Name
texlive-latexconfig

texlive-letltxmacro is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661341  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661171 of type rpminfo_object
Name
texlive-letltxmacro

texlive-letltxmacro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661342  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661171 of type rpminfo_object
Name
texlive-letltxmacro

texlive-lettrine is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661343  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661172 of type rpminfo_object
Name
texlive-lettrine

texlive-lettrine is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661344  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661172 of type rpminfo_object
Name
texlive-lettrine

texlive-lib is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661345  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
texlive-libaarch64926.el9_2202004069:20200406-26.el9_2199e2f91fd431d51texlive-lib-9:20200406-26.el9_2.aarch64

texlive-lib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661346  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
texlive-libaarch64926.el9_2202004069:20200406-26.el9_2199e2f91fd431d51texlive-lib-9:20200406-26.el9_2.aarch64

texlive-lib-devel is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661347  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661174 of type rpminfo_object
Name
texlive-lib-devel

texlive-lib-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661348  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661174 of type rpminfo_object
Name
texlive-lib-devel

texlive-linegoal is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661349  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661175 of type rpminfo_object
Name
texlive-linegoal

texlive-linegoal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661350  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661175 of type rpminfo_object
Name
texlive-linegoal

texlive-lineno is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661351  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661176 of type rpminfo_object
Name
texlive-lineno

texlive-lineno is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661352  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661176 of type rpminfo_object
Name
texlive-lineno

texlive-listings is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661353  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661177 of type rpminfo_object
Name
texlive-listings

texlive-listings is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661354  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661177 of type rpminfo_object
Name
texlive-listings

texlive-listofitems is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661355  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661178 of type rpminfo_object
Name
texlive-listofitems

texlive-listofitems is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661356  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661178 of type rpminfo_object
Name
texlive-listofitems

texlive-lm is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661357  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661179 of type rpminfo_object
Name
texlive-lm

texlive-lm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661358  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661179 of type rpminfo_object
Name
texlive-lm

texlive-lm-math is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661359  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661180 of type rpminfo_object
Name
texlive-lm-math

texlive-lm-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661360  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661180 of type rpminfo_object
Name
texlive-lm-math

texlive-ltabptch is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661361  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661181 of type rpminfo_object
Name
texlive-ltabptch

texlive-ltabptch is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661362  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661181 of type rpminfo_object
Name
texlive-ltabptch

texlive-ltxcmds is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661363  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661182 of type rpminfo_object
Name
texlive-ltxcmds

texlive-ltxcmds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661364  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661182 of type rpminfo_object
Name
texlive-ltxcmds

texlive-ltxmisc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661365  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661183 of type rpminfo_object
Name
texlive-ltxmisc

texlive-ltxmisc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661366  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661183 of type rpminfo_object
Name
texlive-ltxmisc

texlive-lua-alt-getopt is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661367  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661184 of type rpminfo_object
Name
texlive-lua-alt-getopt

texlive-lua-alt-getopt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661368  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661184 of type rpminfo_object
Name
texlive-lua-alt-getopt

texlive-luahbtex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661369  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661185 of type rpminfo_object
Name
texlive-luahbtex

texlive-luahbtex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661370  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661185 of type rpminfo_object
Name
texlive-luahbtex

texlive-lualatex-math is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661371  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661186 of type rpminfo_object
Name
texlive-lualatex-math

texlive-lualatex-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661372  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661186 of type rpminfo_object
Name
texlive-lualatex-math

texlive-lualibs is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661373  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661187 of type rpminfo_object
Name
texlive-lualibs

texlive-lualibs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661374  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661187 of type rpminfo_object
Name
texlive-lualibs

texlive-luaotfload is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661375  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661188 of type rpminfo_object
Name
texlive-luaotfload

texlive-luaotfload is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661376  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661188 of type rpminfo_object
Name
texlive-luaotfload

texlive-luatex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661377  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661189 of type rpminfo_object
Name
texlive-luatex

texlive-luatex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661378  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661189 of type rpminfo_object
Name
texlive-luatex

texlive-luatex85 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661379  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661190 of type rpminfo_object
Name
texlive-luatex85

texlive-luatex85 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661380  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661190 of type rpminfo_object
Name
texlive-luatex85

texlive-luatexbase is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661381  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661191 of type rpminfo_object
Name
texlive-luatexbase

texlive-luatexbase is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661382  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661191 of type rpminfo_object
Name
texlive-luatexbase

texlive-lwarp is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661383  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661192 of type rpminfo_object
Name
texlive-lwarp

texlive-lwarp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661384  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661192 of type rpminfo_object
Name
texlive-lwarp

texlive-makecmds is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661385  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661193 of type rpminfo_object
Name
texlive-makecmds

texlive-makecmds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661386  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661193 of type rpminfo_object
Name
texlive-makecmds

texlive-makeindex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661387  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661194 of type rpminfo_object
Name
texlive-makeindex

texlive-makeindex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661388  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661194 of type rpminfo_object
Name
texlive-makeindex

texlive-manfnt-font is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661389  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661195 of type rpminfo_object
Name
texlive-manfnt-font

texlive-manfnt-font is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661390  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661195 of type rpminfo_object
Name
texlive-manfnt-font

texlive-marginnote is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661391  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661196 of type rpminfo_object
Name
texlive-marginnote

texlive-marginnote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661392  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661196 of type rpminfo_object
Name
texlive-marginnote

texlive-marvosym is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661393  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661197 of type rpminfo_object
Name
texlive-marvosym

texlive-marvosym is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661394  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661197 of type rpminfo_object
Name
texlive-marvosym

texlive-mathpazo is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661395  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661198 of type rpminfo_object
Name
texlive-mathpazo

texlive-mathpazo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661396  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661198 of type rpminfo_object
Name
texlive-mathpazo

texlive-mathspec is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661397  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661199 of type rpminfo_object
Name
texlive-mathspec

texlive-mathspec is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661398  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661199 of type rpminfo_object
Name
texlive-mathspec

texlive-mathtools is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661399  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661200 of type rpminfo_object
Name
texlive-mathtools

texlive-mathtools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661400  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661200 of type rpminfo_object
Name
texlive-mathtools

texlive-mdwtools is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661401  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661201 of type rpminfo_object
Name
texlive-mdwtools

texlive-mdwtools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661402  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661201 of type rpminfo_object
Name
texlive-mdwtools

texlive-memoir is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661403  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661202 of type rpminfo_object
Name
texlive-memoir

texlive-memoir is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661404  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661202 of type rpminfo_object
Name
texlive-memoir

texlive-metafont is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661405  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661203 of type rpminfo_object
Name
texlive-metafont

texlive-metafont is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661406  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661203 of type rpminfo_object
Name
texlive-metafont

texlive-metalogo is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661407  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661204 of type rpminfo_object
Name
texlive-metalogo

texlive-metalogo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661408  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661204 of type rpminfo_object
Name
texlive-metalogo

texlive-metapost is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661409  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661205 of type rpminfo_object
Name
texlive-metapost

texlive-metapost is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661410  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661205 of type rpminfo_object
Name
texlive-metapost

texlive-mflogo is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661411  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661206 of type rpminfo_object
Name
texlive-mflogo

texlive-mflogo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661412  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661206 of type rpminfo_object
Name
texlive-mflogo

texlive-mflogo-font is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661413  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661207 of type rpminfo_object
Name
texlive-mflogo-font

texlive-mflogo-font is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661414  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661207 of type rpminfo_object
Name
texlive-mflogo-font

texlive-mfnfss is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661415  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661208 of type rpminfo_object
Name
texlive-mfnfss

texlive-mfnfss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661416  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661208 of type rpminfo_object
Name
texlive-mfnfss

texlive-mfware is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661417  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661209 of type rpminfo_object
Name
texlive-mfware

texlive-mfware is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661418  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661209 of type rpminfo_object
Name
texlive-mfware

texlive-microtype is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661419  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661210 of type rpminfo_object
Name
texlive-microtype

texlive-microtype is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661420  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661210 of type rpminfo_object
Name
texlive-microtype

texlive-minitoc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661421  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661211 of type rpminfo_object
Name
texlive-minitoc

texlive-minitoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661422  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661211 of type rpminfo_object
Name
texlive-minitoc

texlive-mnsymbol is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661423  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661212 of type rpminfo_object
Name
texlive-mnsymbol

texlive-mnsymbol is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661424  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661212 of type rpminfo_object
Name
texlive-mnsymbol

texlive-modes is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661425  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661213 of type rpminfo_object
Name
texlive-modes

texlive-modes is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661426  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661213 of type rpminfo_object
Name
texlive-modes

texlive-mparhack is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661427  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661214 of type rpminfo_object
Name
texlive-mparhack

texlive-mparhack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661428  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661214 of type rpminfo_object
Name
texlive-mparhack

texlive-mptopdf is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661429  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661215 of type rpminfo_object
Name
texlive-mptopdf

texlive-mptopdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661430  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661215 of type rpminfo_object
Name
texlive-mptopdf

texlive-ms is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661431  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661216 of type rpminfo_object
Name
texlive-ms

texlive-ms is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661432  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661216 of type rpminfo_object
Name
texlive-ms

texlive-multido is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661433  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661217 of type rpminfo_object
Name
texlive-multido

texlive-multido is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661434  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661217 of type rpminfo_object
Name
texlive-multido

texlive-multirow is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661435  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661218 of type rpminfo_object
Name
texlive-multirow

texlive-multirow is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661436  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661218 of type rpminfo_object
Name
texlive-multirow

texlive-natbib is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661437  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661219 of type rpminfo_object
Name
texlive-natbib

texlive-natbib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661438  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661219 of type rpminfo_object
Name
texlive-natbib

texlive-ncctools is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661439  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661220 of type rpminfo_object
Name
texlive-ncctools

texlive-ncctools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661440  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661220 of type rpminfo_object
Name
texlive-ncctools

texlive-ncntrsbk is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661441  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661221 of type rpminfo_object
Name
texlive-ncntrsbk

texlive-ncntrsbk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661442  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661221 of type rpminfo_object
Name
texlive-ncntrsbk

texlive-needspace is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661443  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661222 of type rpminfo_object
Name
texlive-needspace

texlive-needspace is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661444  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661222 of type rpminfo_object
Name
texlive-needspace

texlive-newfloat is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661445  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661223 of type rpminfo_object
Name
texlive-newfloat

texlive-newfloat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661446  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661223 of type rpminfo_object
Name
texlive-newfloat

texlive-newunicodechar is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661447  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661224 of type rpminfo_object
Name
texlive-newunicodechar

texlive-newunicodechar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661448  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661224 of type rpminfo_object
Name
texlive-newunicodechar

texlive-norasi-c90 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661449  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661225 of type rpminfo_object
Name
texlive-norasi-c90

texlive-norasi-c90 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661450  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661225 of type rpminfo_object
Name
texlive-norasi-c90

texlive-notoccite is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661451  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661226 of type rpminfo_object
Name
texlive-notoccite

texlive-notoccite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661452  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661226 of type rpminfo_object
Name
texlive-notoccite

texlive-ntgclass is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661453  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661227 of type rpminfo_object
Name
texlive-ntgclass

texlive-ntgclass is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661454  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661227 of type rpminfo_object
Name
texlive-ntgclass

texlive-oberdiek is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661455  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661228 of type rpminfo_object
Name
texlive-oberdiek

texlive-oberdiek is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661456  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661228 of type rpminfo_object
Name
texlive-oberdiek

texlive-obsolete is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661457  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661229 of type rpminfo_object
Name
texlive-obsolete

texlive-obsolete is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661458  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661229 of type rpminfo_object
Name
texlive-obsolete

texlive-overpic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661459  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661230 of type rpminfo_object
Name
texlive-overpic

texlive-overpic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661460  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661230 of type rpminfo_object
Name
texlive-overpic

texlive-palatino is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661461  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661231 of type rpminfo_object
Name
texlive-palatino

texlive-palatino is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661462  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661231 of type rpminfo_object
Name
texlive-palatino

texlive-paralist is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661463  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661232 of type rpminfo_object
Name
texlive-paralist

texlive-paralist is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661464  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661232 of type rpminfo_object
Name
texlive-paralist

texlive-parallel is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661465  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661233 of type rpminfo_object
Name
texlive-parallel

texlive-parallel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661466  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661233 of type rpminfo_object
Name
texlive-parallel

texlive-parskip is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661467  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661234 of type rpminfo_object
Name
texlive-parskip

texlive-parskip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661468  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661234 of type rpminfo_object
Name
texlive-parskip

texlive-passivetex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661469  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661235 of type rpminfo_object
Name
texlive-passivetex

texlive-passivetex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661470  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661235 of type rpminfo_object
Name
texlive-passivetex

texlive-pdfcolmk is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661471  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661236 of type rpminfo_object
Name
texlive-pdfcolmk

texlive-pdfcolmk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661472  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661236 of type rpminfo_object
Name
texlive-pdfcolmk

texlive-pdfescape is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661473  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661237 of type rpminfo_object
Name
texlive-pdfescape

texlive-pdfescape is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661474  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661237 of type rpminfo_object
Name
texlive-pdfescape

texlive-pdflscape is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661475  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661238 of type rpminfo_object
Name
texlive-pdflscape

texlive-pdflscape is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661476  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661238 of type rpminfo_object
Name
texlive-pdflscape

texlive-pdfpages is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661477  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661239 of type rpminfo_object
Name
texlive-pdfpages

texlive-pdfpages is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661478  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661239 of type rpminfo_object
Name
texlive-pdfpages

texlive-pdftex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661479  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661240 of type rpminfo_object
Name
texlive-pdftex

texlive-pdftex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661480  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661240 of type rpminfo_object
Name
texlive-pdftex

texlive-pdftexcmds is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661481  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661241 of type rpminfo_object
Name
texlive-pdftexcmds

texlive-pdftexcmds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661482  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661241 of type rpminfo_object
Name
texlive-pdftexcmds

texlive-pgf is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661483  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661242 of type rpminfo_object
Name
texlive-pgf

texlive-pgf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661484  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661242 of type rpminfo_object
Name
texlive-pgf

texlive-philokalia is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661485  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661243 of type rpminfo_object
Name
texlive-philokalia

texlive-philokalia is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661486  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661243 of type rpminfo_object
Name
texlive-philokalia

texlive-placeins is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661487  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661244 of type rpminfo_object
Name
texlive-placeins

texlive-placeins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661488  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661244 of type rpminfo_object
Name
texlive-placeins

texlive-plain is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661489  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661245 of type rpminfo_object
Name
texlive-plain

texlive-plain is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661490  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661245 of type rpminfo_object
Name
texlive-plain

texlive-polyglossia is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661491  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661246 of type rpminfo_object
Name
texlive-polyglossia

texlive-polyglossia is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661492  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661246 of type rpminfo_object
Name
texlive-polyglossia

texlive-powerdot is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661493  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661247 of type rpminfo_object
Name
texlive-powerdot

texlive-powerdot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661494  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661247 of type rpminfo_object
Name
texlive-powerdot

texlive-preprint is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661495  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661248 of type rpminfo_object
Name
texlive-preprint

texlive-preprint is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661496  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661248 of type rpminfo_object
Name
texlive-preprint

texlive-psfrag is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661497  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661249 of type rpminfo_object
Name
texlive-psfrag

texlive-psfrag is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661498  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661249 of type rpminfo_object
Name
texlive-psfrag

texlive-pslatex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661499  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661250 of type rpminfo_object
Name
texlive-pslatex

texlive-pslatex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661500  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661250 of type rpminfo_object
Name
texlive-pslatex

texlive-psnfss is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661501  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661251 of type rpminfo_object
Name
texlive-psnfss

texlive-psnfss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661502  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661251 of type rpminfo_object
Name
texlive-psnfss

texlive-pspicture is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661503  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661252 of type rpminfo_object
Name
texlive-pspicture

texlive-pspicture is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661504  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661252 of type rpminfo_object
Name
texlive-pspicture

texlive-pst-3d is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661505  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661253 of type rpminfo_object
Name
texlive-pst-3d

texlive-pst-3d is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661506  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661253 of type rpminfo_object
Name
texlive-pst-3d

texlive-pst-arrow is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661507  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661254 of type rpminfo_object
Name
texlive-pst-arrow

texlive-pst-arrow is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661508  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661254 of type rpminfo_object
Name
texlive-pst-arrow

texlive-pst-blur is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661509  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661255 of type rpminfo_object
Name
texlive-pst-blur

texlive-pst-blur is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661510  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661255 of type rpminfo_object
Name
texlive-pst-blur

texlive-pst-coil is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661511  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661256 of type rpminfo_object
Name
texlive-pst-coil

texlive-pst-coil is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661512  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661256 of type rpminfo_object
Name
texlive-pst-coil

texlive-pst-eps is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661513  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661257 of type rpminfo_object
Name
texlive-pst-eps

texlive-pst-eps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661514  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661257 of type rpminfo_object
Name
texlive-pst-eps

texlive-pst-fill is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661515  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661258 of type rpminfo_object
Name
texlive-pst-fill

texlive-pst-fill is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661516  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661258 of type rpminfo_object
Name
texlive-pst-fill

texlive-pst-grad is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661517  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661259 of type rpminfo_object
Name
texlive-pst-grad

texlive-pst-grad is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661518  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661259 of type rpminfo_object
Name
texlive-pst-grad

texlive-pst-math is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661519  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661260 of type rpminfo_object
Name
texlive-pst-math

texlive-pst-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661520  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661260 of type rpminfo_object
Name
texlive-pst-math

texlive-pst-node is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661521  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661261 of type rpminfo_object
Name
texlive-pst-node

texlive-pst-node is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661522  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661261 of type rpminfo_object
Name
texlive-pst-node

texlive-pst-plot is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661523  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661262 of type rpminfo_object
Name
texlive-pst-plot

texlive-pst-plot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661524  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661262 of type rpminfo_object
Name
texlive-pst-plot

texlive-pst-slpe is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661525  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661263 of type rpminfo_object
Name
texlive-pst-slpe

texlive-pst-slpe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661526  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661263 of type rpminfo_object
Name
texlive-pst-slpe

texlive-pst-text is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661527  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661264 of type rpminfo_object
Name
texlive-pst-text

texlive-pst-text is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661528  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661264 of type rpminfo_object
Name
texlive-pst-text

texlive-pst-tools is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661529  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661265 of type rpminfo_object
Name
texlive-pst-tools

texlive-pst-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661530  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661265 of type rpminfo_object
Name
texlive-pst-tools

texlive-pst-tree is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661531  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661266 of type rpminfo_object
Name
texlive-pst-tree

texlive-pst-tree is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661532  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661266 of type rpminfo_object
Name
texlive-pst-tree

texlive-pstricks is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661533  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661267 of type rpminfo_object
Name
texlive-pstricks

texlive-pstricks is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661534  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661267 of type rpminfo_object
Name
texlive-pstricks

texlive-pstricks-add is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661535  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661268 of type rpminfo_object
Name
texlive-pstricks-add

texlive-pstricks-add is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661536  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661268 of type rpminfo_object
Name
texlive-pstricks-add

texlive-ptext is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661537  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661269 of type rpminfo_object
Name
texlive-ptext

texlive-ptext is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661538  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661269 of type rpminfo_object
Name
texlive-ptext

texlive-pxfonts is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661539  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661270 of type rpminfo_object
Name
texlive-pxfonts

texlive-pxfonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661540  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661270 of type rpminfo_object
Name
texlive-pxfonts

texlive-qstest is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661541  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661271 of type rpminfo_object
Name
texlive-qstest

texlive-qstest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661542  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661271 of type rpminfo_object
Name
texlive-qstest

texlive-ragged2e is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661543  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661272 of type rpminfo_object
Name
texlive-ragged2e

texlive-ragged2e is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661544  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661272 of type rpminfo_object
Name
texlive-ragged2e

texlive-rcs is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661545  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661273 of type rpminfo_object
Name
texlive-rcs

texlive-rcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661546  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661273 of type rpminfo_object
Name
texlive-rcs

texlive-realscripts is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661547  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661274 of type rpminfo_object
Name
texlive-realscripts

texlive-realscripts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661548  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661274 of type rpminfo_object
Name
texlive-realscripts

texlive-refcount is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661549  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661275 of type rpminfo_object
Name
texlive-refcount

texlive-refcount is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661550  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661275 of type rpminfo_object
Name
texlive-refcount

texlive-rerunfilecheck is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661551  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661276 of type rpminfo_object
Name
texlive-rerunfilecheck

texlive-rerunfilecheck is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661552  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661276 of type rpminfo_object
Name
texlive-rerunfilecheck

texlive-rsfs is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661553  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661277 of type rpminfo_object
Name
texlive-rsfs

texlive-rsfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661554  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661277 of type rpminfo_object
Name
texlive-rsfs

texlive-sansmath is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661555  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661278 of type rpminfo_object
Name
texlive-sansmath

texlive-sansmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661556  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661278 of type rpminfo_object
Name
texlive-sansmath

texlive-sansmathaccent is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661557  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661279 of type rpminfo_object
Name
texlive-sansmathaccent

texlive-sansmathaccent is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661558  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661279 of type rpminfo_object
Name
texlive-sansmathaccent

texlive-sauerj is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661559  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661280 of type rpminfo_object
Name
texlive-sauerj

texlive-sauerj is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661560  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661280 of type rpminfo_object
Name
texlive-sauerj

texlive-scheme-basic is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661561  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661281 of type rpminfo_object
Name
texlive-scheme-basic

texlive-scheme-basic is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661562  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661281 of type rpminfo_object
Name
texlive-scheme-basic

texlive-section is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661563  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661282 of type rpminfo_object
Name
texlive-section

texlive-section is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661564  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661282 of type rpminfo_object
Name
texlive-section

texlive-sectsty is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661565  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661283 of type rpminfo_object
Name
texlive-sectsty

texlive-sectsty is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661566  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661283 of type rpminfo_object
Name
texlive-sectsty

texlive-seminar is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661567  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661284 of type rpminfo_object
Name
texlive-seminar

texlive-seminar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661568  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661284 of type rpminfo_object
Name
texlive-seminar

texlive-sepnum is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661569  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661285 of type rpminfo_object
Name
texlive-sepnum

texlive-sepnum is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661570  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661285 of type rpminfo_object
Name
texlive-sepnum

texlive-setspace is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661571  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661286 of type rpminfo_object
Name
texlive-setspace

texlive-setspace is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661572  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661286 of type rpminfo_object
Name
texlive-setspace

texlive-showexpl is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661573  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661287 of type rpminfo_object
Name
texlive-showexpl

texlive-showexpl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661574  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661287 of type rpminfo_object
Name
texlive-showexpl

texlive-soul is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661575  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661288 of type rpminfo_object
Name
texlive-soul

texlive-soul is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661576  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661288 of type rpminfo_object
Name
texlive-soul

texlive-stackengine is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661577  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661289 of type rpminfo_object
Name
texlive-stackengine

texlive-stackengine is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661578  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661289 of type rpminfo_object
Name
texlive-stackengine

texlive-stmaryrd is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661579  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661290 of type rpminfo_object
Name
texlive-stmaryrd

texlive-stmaryrd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661580  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661290 of type rpminfo_object
Name
texlive-stmaryrd

texlive-stringenc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661581  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661291 of type rpminfo_object
Name
texlive-stringenc

texlive-stringenc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661582  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661291 of type rpminfo_object
Name
texlive-stringenc

texlive-subfig is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661583  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661292 of type rpminfo_object
Name
texlive-subfig

texlive-subfig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661584  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661292 of type rpminfo_object
Name
texlive-subfig

texlive-subfigure is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661585  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661293 of type rpminfo_object
Name
texlive-subfigure

texlive-subfigure is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661586  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661293 of type rpminfo_object
Name
texlive-subfigure

texlive-svn-prov is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661587  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661294 of type rpminfo_object
Name
texlive-svn-prov

texlive-svn-prov is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661588  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661294 of type rpminfo_object
Name
texlive-svn-prov

texlive-symbol is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661589  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661295 of type rpminfo_object
Name
texlive-symbol

texlive-symbol is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661590  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661295 of type rpminfo_object
Name
texlive-symbol

texlive-t2 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661591  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661296 of type rpminfo_object
Name
texlive-t2

texlive-t2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661592  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661296 of type rpminfo_object
Name
texlive-t2

texlive-tabu is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661593  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661297 of type rpminfo_object
Name
texlive-tabu

texlive-tabu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661594  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661297 of type rpminfo_object
Name
texlive-tabu

texlive-tabulary is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661595  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661298 of type rpminfo_object
Name
texlive-tabulary

texlive-tabulary is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661596  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661298 of type rpminfo_object
Name
texlive-tabulary

texlive-tex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661597  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661299 of type rpminfo_object
Name
texlive-tex

texlive-tex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661598  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661299 of type rpminfo_object
Name
texlive-tex

texlive-tex-gyre is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661599  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661300 of type rpminfo_object
Name
texlive-tex-gyre

texlive-tex-gyre is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661600  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661300 of type rpminfo_object
Name
texlive-tex-gyre

texlive-tex-gyre-math is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661601  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661301 of type rpminfo_object
Name
texlive-tex-gyre-math

texlive-tex-gyre-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661602  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661301 of type rpminfo_object
Name
texlive-tex-gyre-math

texlive-tex-ini-files is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661603  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661302 of type rpminfo_object
Name
texlive-tex-ini-files

texlive-tex-ini-files is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661604  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661302 of type rpminfo_object
Name
texlive-tex-ini-files

texlive-tex4ht is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661605  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661303 of type rpminfo_object
Name
texlive-tex4ht

texlive-tex4ht is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661606  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661303 of type rpminfo_object
Name
texlive-tex4ht

texlive-texlive-common-doc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661607  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661304 of type rpminfo_object
Name
texlive-texlive-common-doc

texlive-texlive-common-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661608  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661304 of type rpminfo_object
Name
texlive-texlive-common-doc

texlive-texlive-docindex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661609  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661305 of type rpminfo_object
Name
texlive-texlive-docindex

texlive-texlive-docindex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661610  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661305 of type rpminfo_object
Name
texlive-texlive-docindex

texlive-texlive-en is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661611  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661306 of type rpminfo_object
Name
texlive-texlive-en

texlive-texlive-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661612  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661306 of type rpminfo_object
Name
texlive-texlive-en

texlive-texlive-msg-translations is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661613  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661307 of type rpminfo_object
Name
texlive-texlive-msg-translations

texlive-texlive-msg-translations is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661614  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661307 of type rpminfo_object
Name
texlive-texlive-msg-translations

texlive-texlive-scripts is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661615  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661308 of type rpminfo_object
Name
texlive-texlive-scripts

texlive-texlive-scripts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661616  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661308 of type rpminfo_object
Name
texlive-texlive-scripts

texlive-texlive-scripts-extra is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661617  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661309 of type rpminfo_object
Name
texlive-texlive-scripts-extra

texlive-texlive-scripts-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661618  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661309 of type rpminfo_object
Name
texlive-texlive-scripts-extra

texlive-texlive.infra is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661619  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661310 of type rpminfo_object
Name
texlive-texlive.infra

texlive-texlive.infra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661620  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661310 of type rpminfo_object
Name
texlive-texlive.infra

texlive-textcase is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661621  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661311 of type rpminfo_object
Name
texlive-textcase

texlive-textcase is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661622  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661311 of type rpminfo_object
Name
texlive-textcase

texlive-textpos is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661623  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661312 of type rpminfo_object
Name
texlive-textpos

texlive-textpos is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661624  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661312 of type rpminfo_object
Name
texlive-textpos

texlive-threeparttable is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661625  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661313 of type rpminfo_object
Name
texlive-threeparttable

texlive-threeparttable is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661626  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661313 of type rpminfo_object
Name
texlive-threeparttable

texlive-thumbpdf is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661627  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661314 of type rpminfo_object
Name
texlive-thumbpdf

texlive-thumbpdf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661628  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661314 of type rpminfo_object
Name
texlive-thumbpdf

texlive-times is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661629  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661315 of type rpminfo_object
Name
texlive-times

texlive-times is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661630  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661315 of type rpminfo_object
Name
texlive-times

texlive-tipa is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661631  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661316 of type rpminfo_object
Name
texlive-tipa

texlive-tipa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661632  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661316 of type rpminfo_object
Name
texlive-tipa

texlive-titlesec is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661633  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661317 of type rpminfo_object
Name
texlive-titlesec

texlive-titlesec is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661634  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661317 of type rpminfo_object
Name
texlive-titlesec

texlive-titling is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661635  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661318 of type rpminfo_object
Name
texlive-titling

texlive-titling is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661636  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661318 of type rpminfo_object
Name
texlive-titling

texlive-tocloft is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661637  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661319 of type rpminfo_object
Name
texlive-tocloft

texlive-tocloft is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661638  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661319 of type rpminfo_object
Name
texlive-tocloft

texlive-tools is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661639  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661320 of type rpminfo_object
Name
texlive-tools

texlive-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661640  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661320 of type rpminfo_object
Name
texlive-tools

texlive-translator is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661641  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661321 of type rpminfo_object
Name
texlive-translator

texlive-translator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661642  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661321 of type rpminfo_object
Name
texlive-translator

texlive-trimspaces is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661643  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661322 of type rpminfo_object
Name
texlive-trimspaces

texlive-trimspaces is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661644  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661322 of type rpminfo_object
Name
texlive-trimspaces

texlive-txfonts is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661645  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661323 of type rpminfo_object
Name
texlive-txfonts

texlive-txfonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661646  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661323 of type rpminfo_object
Name
texlive-txfonts

texlive-type1cm is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661647  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661324 of type rpminfo_object
Name
texlive-type1cm

texlive-type1cm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661648  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661324 of type rpminfo_object
Name
texlive-type1cm

texlive-typehtml is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661649  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661325 of type rpminfo_object
Name
texlive-typehtml

texlive-typehtml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661650  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661325 of type rpminfo_object
Name
texlive-typehtml

texlive-ucharcat is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661651  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661326 of type rpminfo_object
Name
texlive-ucharcat

texlive-ucharcat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661652  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661326 of type rpminfo_object
Name
texlive-ucharcat

texlive-ucharclasses is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661653  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661327 of type rpminfo_object
Name
texlive-ucharclasses

texlive-ucharclasses is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661654  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661327 of type rpminfo_object
Name
texlive-ucharclasses

texlive-ucs is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661655  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661328 of type rpminfo_object
Name
texlive-ucs

texlive-ucs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661656  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661328 of type rpminfo_object
Name
texlive-ucs

texlive-uhc is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661657  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661329 of type rpminfo_object
Name
texlive-uhc

texlive-uhc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661658  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661329 of type rpminfo_object
Name
texlive-uhc

texlive-ulem is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661659  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661330 of type rpminfo_object
Name
texlive-ulem

texlive-ulem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661660  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661330 of type rpminfo_object
Name
texlive-ulem

texlive-underscore is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661661  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661331 of type rpminfo_object
Name
texlive-underscore

texlive-underscore is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661662  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661331 of type rpminfo_object
Name
texlive-underscore

texlive-unicode-data is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661663  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661332 of type rpminfo_object
Name
texlive-unicode-data

texlive-unicode-data is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661664  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661332 of type rpminfo_object
Name
texlive-unicode-data

texlive-unicode-math is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661665  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661333 of type rpminfo_object
Name
texlive-unicode-math

texlive-unicode-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661666  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661333 of type rpminfo_object
Name
texlive-unicode-math

texlive-uniquecounter is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661667  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661334 of type rpminfo_object
Name
texlive-uniquecounter

texlive-uniquecounter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661668  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661334 of type rpminfo_object
Name
texlive-uniquecounter

texlive-unisugar is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661669  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661335 of type rpminfo_object
Name
texlive-unisugar

texlive-unisugar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661670  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661335 of type rpminfo_object
Name
texlive-unisugar

texlive-updmap-map is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661671  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661336 of type rpminfo_object
Name
texlive-updmap-map

texlive-updmap-map is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661672  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661336 of type rpminfo_object
Name
texlive-updmap-map

texlive-upquote is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661673  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661337 of type rpminfo_object
Name
texlive-upquote

texlive-upquote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661674  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661337 of type rpminfo_object
Name
texlive-upquote

texlive-url is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661675  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661338 of type rpminfo_object
Name
texlive-url

texlive-url is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661676  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661338 of type rpminfo_object
Name
texlive-url

texlive-utopia is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661677  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661339 of type rpminfo_object
Name
texlive-utopia

texlive-utopia is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661678  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661339 of type rpminfo_object
Name
texlive-utopia

texlive-varwidth is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661679  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661340 of type rpminfo_object
Name
texlive-varwidth

texlive-varwidth is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661680  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661340 of type rpminfo_object
Name
texlive-varwidth

texlive-wadalab is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661681  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661341 of type rpminfo_object
Name
texlive-wadalab

texlive-wadalab is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661682  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661341 of type rpminfo_object
Name
texlive-wadalab

texlive-was is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661683  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661342 of type rpminfo_object
Name
texlive-was

texlive-was is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661684  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661342 of type rpminfo_object
Name
texlive-was

texlive-wasy is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661685  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661343 of type rpminfo_object
Name
texlive-wasy

texlive-wasy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661686  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661343 of type rpminfo_object
Name
texlive-wasy

texlive-wasy-type1 is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661687  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661344 of type rpminfo_object
Name
texlive-wasy-type1

texlive-wasy-type1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661688  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661344 of type rpminfo_object
Name
texlive-wasy-type1

texlive-wasysym is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661689  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661345 of type rpminfo_object
Name
texlive-wasysym

texlive-wasysym is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661690  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661345 of type rpminfo_object
Name
texlive-wasysym

texlive-wrapfig is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661691  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661346 of type rpminfo_object
Name
texlive-wrapfig

texlive-wrapfig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661692  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661346 of type rpminfo_object
Name
texlive-wrapfig

texlive-xcolor is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661693  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661347 of type rpminfo_object
Name
texlive-xcolor

texlive-xcolor is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661694  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661347 of type rpminfo_object
Name
texlive-xcolor

texlive-xdvi is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661695  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661348 of type rpminfo_object
Name
texlive-xdvi

texlive-xdvi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661696  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661348 of type rpminfo_object
Name
texlive-xdvi

texlive-xecjk is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661697  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661349 of type rpminfo_object
Name
texlive-xecjk

texlive-xecjk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661698  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661349 of type rpminfo_object
Name
texlive-xecjk

texlive-xecolor is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661699  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661350 of type rpminfo_object
Name
texlive-xecolor

texlive-xecolor is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661700  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661350 of type rpminfo_object
Name
texlive-xecolor

texlive-xecyr is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661701  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661351 of type rpminfo_object
Name
texlive-xecyr

texlive-xecyr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661702  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661351 of type rpminfo_object
Name
texlive-xecyr

texlive-xeindex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661703  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661352 of type rpminfo_object
Name
texlive-xeindex

texlive-xeindex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661704  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661352 of type rpminfo_object
Name
texlive-xeindex

texlive-xepersian is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661705  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661353 of type rpminfo_object
Name
texlive-xepersian

texlive-xepersian is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661706  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661353 of type rpminfo_object
Name
texlive-xepersian

texlive-xesearch is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661707  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661354 of type rpminfo_object
Name
texlive-xesearch

texlive-xesearch is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661708  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661354 of type rpminfo_object
Name
texlive-xesearch

texlive-xetex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661709  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661355 of type rpminfo_object
Name
texlive-xetex

texlive-xetex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661710  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661355 of type rpminfo_object
Name
texlive-xetex

texlive-xetex-itrans is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661711  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661356 of type rpminfo_object
Name
texlive-xetex-itrans

texlive-xetex-itrans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661712  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661356 of type rpminfo_object
Name
texlive-xetex-itrans

texlive-xetex-pstricks is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661713  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661357 of type rpminfo_object
Name
texlive-xetex-pstricks

texlive-xetex-pstricks is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661714  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661357 of type rpminfo_object
Name
texlive-xetex-pstricks

texlive-xetex-tibetan is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661715  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661358 of type rpminfo_object
Name
texlive-xetex-tibetan

texlive-xetex-tibetan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661716  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661358 of type rpminfo_object
Name
texlive-xetex-tibetan

texlive-xetexconfig is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661717  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661359 of type rpminfo_object
Name
texlive-xetexconfig

texlive-xetexconfig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661718  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661359 of type rpminfo_object
Name
texlive-xetexconfig

texlive-xetexfontinfo is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661719  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661360 of type rpminfo_object
Name
texlive-xetexfontinfo

texlive-xetexfontinfo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661720  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661360 of type rpminfo_object
Name
texlive-xetexfontinfo

texlive-xifthen is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661721  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661361 of type rpminfo_object
Name
texlive-xifthen

texlive-xifthen is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661722  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661361 of type rpminfo_object
Name
texlive-xifthen

texlive-xkeyval is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661723  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661362 of type rpminfo_object
Name
texlive-xkeyval

texlive-xkeyval is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661724  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661362 of type rpminfo_object
Name
texlive-xkeyval

texlive-xltxtra is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661725  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661363 of type rpminfo_object
Name
texlive-xltxtra

texlive-xltxtra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661726  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661363 of type rpminfo_object
Name
texlive-xltxtra

texlive-xmltex is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661727  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661364 of type rpminfo_object
Name
texlive-xmltex

texlive-xmltex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661728  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661364 of type rpminfo_object
Name
texlive-xmltex

texlive-xmltexconfig is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661729  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661365 of type rpminfo_object
Name
texlive-xmltexconfig

texlive-xmltexconfig is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661730  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661365 of type rpminfo_object
Name
texlive-xmltexconfig

texlive-xstring is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661731  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661366 of type rpminfo_object
Name
texlive-xstring

texlive-xstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661732  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661366 of type rpminfo_object
Name
texlive-xstring

texlive-xtab is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661733  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661367 of type rpminfo_object
Name
texlive-xtab

texlive-xtab is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661734  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661367 of type rpminfo_object
Name
texlive-xtab

texlive-xunicode is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661735  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661368 of type rpminfo_object
Name
texlive-xunicode

texlive-xunicode is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661736  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661368 of type rpminfo_object
Name
texlive-xunicode

texlive-zapfchan is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661737  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661369 of type rpminfo_object
Name
texlive-zapfchan

texlive-zapfchan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661738  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661369 of type rpminfo_object
Name
texlive-zapfchan

texlive-zapfding is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661739  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661370 of type rpminfo_object
Name
texlive-zapfding

texlive-zapfding is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661740  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661370 of type rpminfo_object
Name
texlive-zapfding

texlive-zref is earlier than 9:20200406-26.el9_2  oval:com.redhat.rhsa:tst:20233661741  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661371 of type rpminfo_object
Name
texlive-zref

texlive-zref is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233661742  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233661371 of type rpminfo_object
Name
texlive-zref
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233595
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.16-1.el9_2.1  oval:com.redhat.rhsa:tst:20233595015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233592
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.107-1.el9_2  oval:com.redhat.rhsa:tst:20233592013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.107-1.el9_2  oval:com.redhat.rhsa:tst:20233592015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.7-1.el9_2  oval:com.redhat.rhsa:tst:20233592017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.107-1.el9_2  oval:com.redhat.rhsa:tst:20233592019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.107-1.el9_2  oval:com.redhat.rhsa:tst:20233592021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233589
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.12.0-1.el9_2  oval:com.redhat.rhsa:tst:20233589001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.12.0-1.el9_2  oval:com.redhat.rhsa:tst:20233589003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233587
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.12.0-1.el9_2  oval:com.redhat.rhsa:tst:20233587001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233586
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs is earlier than 1:16.19.1-2.el9_2  oval:com.redhat.rhsa:tst:20233586001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.19.1-2.el9_2  oval:com.redhat.rhsa:tst:20233586003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.19.1-2.el9_2  oval:com.redhat.rhsa:tst:20233586005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.19.1-2.el9_2  oval:com.redhat.rhsa:tst:20233586007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.19.3-1.16.19.1.2.el9_2  oval:com.redhat.rhsa:tst:20233586009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233585
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3.11 is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585001 of type rpminfo_object
Name
python3.11

python3.11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585001 of type rpminfo_object
Name
python3.11

python3.11-debug is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585002 of type rpminfo_object
Name
python3.11-debug

python3.11-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585002 of type rpminfo_object
Name
python3.11-debug

python3.11-devel is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585003 of type rpminfo_object
Name
python3.11-devel

python3.11-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585003 of type rpminfo_object
Name
python3.11-devel

python3.11-idle is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585004 of type rpminfo_object
Name
python3.11-idle

python3.11-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585004 of type rpminfo_object
Name
python3.11-idle

python3.11-libs is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585005 of type rpminfo_object
Name
python3.11-libs

python3.11-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585005 of type rpminfo_object
Name
python3.11-libs

python3.11-test is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585006 of type rpminfo_object
Name
python3.11-test

python3.11-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585006 of type rpminfo_object
Name
python3.11-test

python3.11-tkinter is earlier than 0:3.11.2-2.el9_2.1  oval:com.redhat.rhsa:tst:20233585013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585007 of type rpminfo_object
Name
python3.11-tkinter

python3.11-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233585014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233585007 of type rpminfo_object
Name
python3.11-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233581
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.18-1.el9_2  oval:com.redhat.rhsa:tst:20233581001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.18-1.el9_2  oval:com.redhat.rhsa:tst:20233581003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.18-1.el9_2  oval:com.redhat.rhsa:tst:20233581005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.18-1.el9_2  oval:com.redhat.rhsa:tst:20233581007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.18-1.el9_2  oval:com.redhat.rhsa:tst:20233581009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.118-1.el9_2  oval:com.redhat.rhsa:tst:20233581011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.118-1.el9_2  oval:com.redhat.rhsa:tst:20233581013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.18-1.el9_2  oval:com.redhat.rhsa:tst:20233581015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.118-1.el9_2  oval:com.redhat.rhsa:tst:20233581017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233577
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:18 is enabled  oval:com.redhat.rhsa:tst:20228832017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:18.14.2-3.module+el9.2.0.z+18964+42696395  oval:com.redhat.rhsa:tst:20233577001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:18.14.2-3.module+el9.2.0.z+18964+42696395  oval:com.redhat.rhsa:tst:20233577003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:18.14.2-3.module+el9.2.0.z+18964+42696395  oval:com.redhat.rhsa:tst:20233577005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:18.14.2-3.module+el9.2.0.z+18964+42696395  oval:com.redhat.rhsa:tst:20233577007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:2.0.20-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:9.5.0-1.18.14.2.3.module+el9.2.0.z+18964+42696395  oval:com.redhat.rhsa:tst:20233577015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233559
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

c-ares is earlier than 0:1.17.1-5.el9_2.1  oval:com.redhat.rhsa:tst:20233559001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
c-aresaarch64(none)1.el91.19.10:1.19.1-1.el9199e2f91fd431d51c-ares-0:1.19.1-1.el9.aarch64

c-ares is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233559002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
c-aresaarch64(none)1.el91.19.10:1.19.1-1.el9199e2f91fd431d51c-ares-0:1.19.1-1.el9.aarch64

c-ares-devel is earlier than 0:1.17.1-5.el9_2.1  oval:com.redhat.rhsa:tst:20233559003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233559002 of type rpminfo_object
Name
c-ares-devel

c-ares-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233559004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233559002 of type rpminfo_object
Name
c-ares-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233432
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.38.5-1.el9_2.2  oval:com.redhat.rhsa:tst:20233432001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.38.5-1.el9_2.2  oval:com.redhat.rhsa:tst:20233432003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.38.5-1.el9_2.2  oval:com.redhat.rhsa:tst:20233432005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.38.5-1.el9_2.2  oval:com.redhat.rhsa:tst:20233432007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233423
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cups-filters is earlier than 0:1.28.7-11.el9_2.1  oval:com.redhat.rhsa:tst:20233423001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filtersaarch64(none)13.el91.28.70:1.28.7-13.el9199e2f91fd431d51cups-filters-0:1.28.7-13.el9.aarch64

cups-filters is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233423002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filtersaarch64(none)13.el91.28.70:1.28.7-13.el9199e2f91fd431d51cups-filters-0:1.28.7-13.el9.aarch64

cups-filters-devel is earlier than 0:1.28.7-11.el9_2.1  oval:com.redhat.rhsa:tst:20233423003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233423002 of type rpminfo_object
Name
cups-filters-devel

cups-filters-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233423004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233423002 of type rpminfo_object
Name
cups-filters-devel

cups-filters-libs is earlier than 0:1.28.7-11.el9_2.1  oval:com.redhat.rhsa:tst:20233423005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filters-libsaarch64(none)13.el91.28.70:1.28.7-13.el9199e2f91fd431d51cups-filters-libs-0:1.28.7-13.el9.aarch64

cups-filters-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233423006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filters-libsaarch64(none)13.el91.28.70:1.28.7-13.el9199e2f91fd431d51cups-filters-libs-0:1.28.7-13.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233318
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang-bin is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-bin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-docs is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-misc is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-misc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-race is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-race is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-src is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-tests is earlier than 0:1.19.9-2.el9_2  oval:com.redhat.rhsa:tst:20233318013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

golang-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233245
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

git is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gitaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-0:2.39.3-1.el9_2.aarch64

git is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gitaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-0:2.39.3-1.el9_2.aarch64

git-all is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611002 of type rpminfo_object
Name
git-all

git-all is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611002 of type rpminfo_object
Name
git-all

git-core is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-coreaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-0:2.39.3-1.el9_2.aarch64

git-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-coreaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-0:2.39.3-1.el9_2.aarch64

git-core-doc is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-core-docnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-doc-0:2.39.3-1.el9_2.noarch

git-core-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-core-docnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-doc-0:2.39.3-1.el9_2.noarch

git-credential-libsecret is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611005 of type rpminfo_object
Name
git-credential-libsecret

git-credential-libsecret is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611005 of type rpminfo_object
Name
git-credential-libsecret

git-daemon is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611006 of type rpminfo_object
Name
git-daemon

git-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611006 of type rpminfo_object
Name
git-daemon

git-email is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611007 of type rpminfo_object
Name
git-email

git-email is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611007 of type rpminfo_object
Name
git-email

git-gui is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611008 of type rpminfo_object
Name
git-gui

git-gui is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611008 of type rpminfo_object
Name
git-gui

git-instaweb is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611009 of type rpminfo_object
Name
git-instaweb

git-instaweb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611009 of type rpminfo_object
Name
git-instaweb

git-subtree is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611010 of type rpminfo_object
Name
git-subtree

git-subtree is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611010 of type rpminfo_object
Name
git-subtree

git-svn is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611011 of type rpminfo_object
Name
git-svn

git-svn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611011 of type rpminfo_object
Name
git-svn

gitk is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611012 of type rpminfo_object
Name
gitk

gitk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611012 of type rpminfo_object
Name
gitk

gitweb is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611013 of type rpminfo_object
Name
gitweb

gitweb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611013 of type rpminfo_object
Name
gitweb

perl-Git is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-Gitnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51perl-Git-0:2.39.3-1.el9_2.noarch

perl-Git is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611028  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-Gitnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51perl-Git-0:2.39.3-1.el9_2.noarch

perl-Git-SVN is earlier than 0:2.39.3-1.el9_2  oval:com.redhat.rhsa:tst:20233245029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611015 of type rpminfo_object
Name
perl-Git-SVN

perl-Git-SVN is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611015 of type rpminfo_object
Name
perl-Git-SVN
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233150
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.11.0-1.el9_2  oval:com.redhat.rhsa:tst:20233150001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233148
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libreswan is earlier than 0:4.9-4.el9_2  oval:com.redhat.rhsa:tst:20233148001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan

libreswan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232120002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233147
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

apr-util is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147001 of type rpminfo_object
Name
apr-util

apr-util is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147001 of type rpminfo_object
Name
apr-util

apr-util-bdb is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147002 of type rpminfo_object
Name
apr-util-bdb

apr-util-bdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147002 of type rpminfo_object
Name
apr-util-bdb

apr-util-devel is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147003 of type rpminfo_object
Name
apr-util-devel

apr-util-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147003 of type rpminfo_object
Name
apr-util-devel

apr-util-ldap is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147004 of type rpminfo_object
Name
apr-util-ldap

apr-util-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147004 of type rpminfo_object
Name
apr-util-ldap

apr-util-mysql is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147005 of type rpminfo_object
Name
apr-util-mysql

apr-util-mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147005 of type rpminfo_object
Name
apr-util-mysql

apr-util-odbc is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147006 of type rpminfo_object
Name
apr-util-odbc

apr-util-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147006 of type rpminfo_object
Name
apr-util-odbc

apr-util-openssl is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147007 of type rpminfo_object
Name
apr-util-openssl

apr-util-openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147007 of type rpminfo_object
Name
apr-util-openssl

apr-util-pgsql is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147008 of type rpminfo_object
Name
apr-util-pgsql

apr-util-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147008 of type rpminfo_object
Name
apr-util-pgsql

apr-util-sqlite is earlier than 0:1.6.1-20.el9_2.1  oval:com.redhat.rhsa:tst:20233147017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147009 of type rpminfo_object
Name
apr-util-sqlite

apr-util-sqlite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20233147018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20233147009 of type rpminfo_object
Name
apr-util-sqlite
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20233143
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.11.0-2.el9_2  oval:com.redhat.rhsa:tst:20233143001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.11.0-2.el9_2  oval:com.redhat.rhsa:tst:20233143003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232655
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs-nodemon is earlier than 0:2.0.20-3.el9_2  oval:com.redhat.rhsa:tst:20232655001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs is earlier than 1:16.19.1-1.el9_2  oval:com.redhat.rhsa:tst:20232655003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.19.1-1.el9_2  oval:com.redhat.rhsa:tst:20232655005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.19.1-1.el9_2  oval:com.redhat.rhsa:tst:20232655007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.19.1-1.el9_2  oval:com.redhat.rhsa:tst:20232655009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.19.3-1.16.19.1.1.el9_2  oval:com.redhat.rhsa:tst:20232655011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232654
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:18 is enabled  oval:com.redhat.rhsa:tst:20228832017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:18.14.2-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:18.14.2-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:18.14.2-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:18.14.2-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:2.0.20-2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c  oval:com.redhat.rhsa:tst:20232654015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232653
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.38.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20232653001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.38.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20232653003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.38.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20232653005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.38.5-1.el9_2.1  oval:com.redhat.rhsa:tst:20232653007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232652
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.4-7.el9_2  oval:com.redhat.rhsa:tst:20232652001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.4-7.el9_2  oval:com.redhat.rhsa:tst:20232652003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232650
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-23.el9_2.1  oval:com.redhat.rhsa:tst:20232650001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-23.el9_2.1  oval:com.redhat.rhsa:tst:20232650003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-23.el9_2.1  oval:com.redhat.rhsa:tst:20232650005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-23.el9_2.1  oval:com.redhat.rhsa:tst:20232650007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-23.el9_2.1  oval:com.redhat.rhsa:tst:20232650009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232645
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssh is earlier than 0:8.7p1-29.el9_2  oval:com.redhat.rhsa:tst:20232645001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensshaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-0:8.7p1-34.el9.aarch64

openssh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensshaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-0:8.7p1-34.el9.aarch64

openssh-askpass is earlier than 0:8.7p1-29.el9_2  oval:com.redhat.rhsa:tst:20232645003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645002 of type rpminfo_object
Name
openssh-askpass

openssh-askpass is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645002 of type rpminfo_object
Name
openssh-askpass

openssh-clients is earlier than 0:8.7p1-29.el9_2  oval:com.redhat.rhsa:tst:20232645005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-clientsaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-clients-0:8.7p1-34.el9.aarch64

openssh-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-clientsaarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-clients-0:8.7p1-34.el9.aarch64

openssh-keycat is earlier than 0:8.7p1-29.el9_2  oval:com.redhat.rhsa:tst:20232645007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645004 of type rpminfo_object
Name
openssh-keycat

openssh-keycat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645004 of type rpminfo_object
Name
openssh-keycat

openssh-server is earlier than 0:8.7p1-29.el9_2  oval:com.redhat.rhsa:tst:20232645009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

openssh-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

pam_ssh_agent_auth is earlier than 0:0.10.4-5.29.el9_2  oval:com.redhat.rhsa:tst:20232645011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645006 of type rpminfo_object
Name
pam_ssh_agent_auth

pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232645012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232645006 of type rpminfo_object
Name
pam_ssh_agent_auth
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232633
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libreswan is earlier than 0:4.9-2.el9_2  oval:com.redhat.rhsa:tst:20232633001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan

libreswan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232120002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232626
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

emacs is earlier than 1:27.2-8.el9_2.1  oval:com.redhat.rhsa:tst:20232626001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074001 of type rpminfo_object
Name
emacs

emacs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074001 of type rpminfo_object
Name
emacs

emacs-common is earlier than 1:27.2-8.el9_2.1  oval:com.redhat.rhsa:tst:20232626003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074002 of type rpminfo_object
Name
emacs-common

emacs-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074002 of type rpminfo_object
Name
emacs-common

emacs-filesystem is earlier than 1:27.2-8.el9_2.1  oval:com.redhat.rhsa:tst:20232626005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
emacs-filesystemnoarch19.el927.21:27.2-9.el9199e2f91fd431d51emacs-filesystem-1:27.2-9.el9.noarch

emacs-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
emacs-filesystemnoarch19.el927.21:27.2-9.el9199e2f91fd431d51emacs-filesystem-1:27.2-9.el9.noarch

emacs-lucid is earlier than 1:27.2-8.el9_2.1  oval:com.redhat.rhsa:tst:20232626007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074004 of type rpminfo_object
Name
emacs-lucid

emacs-lucid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074004 of type rpminfo_object
Name
emacs-lucid

emacs-nox is earlier than 1:27.2-8.el9_2.1  oval:com.redhat.rhsa:tst:20232626009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074005 of type rpminfo_object
Name
emacs-nox

emacs-nox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074005 of type rpminfo_object
Name
emacs-nox
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232621
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mysql is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590001 of type rpminfo_object
Name
mysql

mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590001 of type rpminfo_object
Name
mysql

mysql-common is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590002 of type rpminfo_object
Name
mysql-common

mysql-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590002 of type rpminfo_object
Name
mysql-common

mysql-devel is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590003 of type rpminfo_object
Name
mysql-devel

mysql-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590003 of type rpminfo_object
Name
mysql-devel

mysql-errmsg is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590004 of type rpminfo_object
Name
mysql-errmsg

mysql-errmsg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590004 of type rpminfo_object
Name
mysql-errmsg

mysql-libs is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590005 of type rpminfo_object
Name
mysql-libs

mysql-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590005 of type rpminfo_object
Name
mysql-libs

mysql-server is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590006 of type rpminfo_object
Name
mysql-server

mysql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590006 of type rpminfo_object
Name
mysql-server

mysql-test is earlier than 0:8.0.32-1.el9_2  oval:com.redhat.rhsa:tst:20232621013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590007 of type rpminfo_object
Name
mysql-test

mysql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590007 of type rpminfo_object
Name
mysql-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232592
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang-github-cpuguy83-md2man is earlier than 0:2.0.2-4.el9  oval:com.redhat.rhsa:tst:20232592001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232592001 of type rpminfo_object
Name
golang-github-cpuguy83-md2man

golang-github-cpuguy83-md2man is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232592002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232592001 of type rpminfo_object
Name
golang-github-cpuguy83-md2man
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232589
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

autotrace is earlier than 0:0.31.1-65.el9  oval:com.redhat.rhsa:tst:20232589001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232589001 of type rpminfo_object
Name
autotrace

autotrace is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232589001 of type rpminfo_object
Name
autotrace
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232582
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

lua is earlier than 0:5.4.4-3.el9  oval:com.redhat.rhsa:tst:20232582001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329001 of type rpminfo_object
Name
lua

lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329001 of type rpminfo_object
Name
lua

lua-devel is earlier than 0:5.4.4-3.el9  oval:com.redhat.rhsa:tst:20232582003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329002 of type rpminfo_object
Name
lua-devel

lua-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329002 of type rpminfo_object
Name
lua-devel

lua-libs is earlier than 0:5.4.4-3.el9  oval:com.redhat.rhsa:tst:20232582005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lua-libsaarch64(none)4.el95.4.40:5.4.4-4.el9199e2f91fd431d51lua-libs-0:5.4.4-4.el9.aarch64

lua-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lua-libsaarch64(none)4.el95.4.40:5.4.4-4.el9199e2f91fd431d51lua-libs-0:5.4.4-4.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232570
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

krb5-devel is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637001 of type rpminfo_object
Name
krb5-devel

krb5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637001 of type rpminfo_object
Name
krb5-devel

krb5-libs is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
krb5-libsaarch64(none)1.el91.21.10:1.21.1-1.el9199e2f91fd431d51krb5-libs-0:1.21.1-1.el9.aarch64

krb5-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
krb5-libsaarch64(none)1.el91.21.10:1.21.1-1.el9199e2f91fd431d51krb5-libs-0:1.21.1-1.el9.aarch64

krb5-pkinit is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637003 of type rpminfo_object
Name
krb5-pkinit

krb5-pkinit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637003 of type rpminfo_object
Name
krb5-pkinit

krb5-server is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637004 of type rpminfo_object
Name
krb5-server

krb5-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637004 of type rpminfo_object
Name
krb5-server

krb5-server-ldap is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637005 of type rpminfo_object
Name
krb5-server-ldap

krb5-server-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637005 of type rpminfo_object
Name
krb5-server-ldap

krb5-workstation is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637006 of type rpminfo_object
Name
krb5-workstation

krb5-workstation is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637006 of type rpminfo_object
Name
krb5-workstation

libkadm5 is earlier than 0:1.20.1-8.el9  oval:com.redhat.rhsa:tst:20232570013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637007 of type rpminfo_object
Name
libkadm5

libkadm5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637007 of type rpminfo_object
Name
libkadm5
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232532
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bsdtar is earlier than 0:3.5.3-4.el9  oval:com.redhat.rhsa:tst:20232532001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252001 of type rpminfo_object
Name
bsdtar

bsdtar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252001 of type rpminfo_object
Name
bsdtar

libarchive is earlier than 0:3.5.3-4.el9  oval:com.redhat.rhsa:tst:20232532003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libarchiveaarch64(none)4.el93.5.30:3.5.3-4.el9199e2f91fd431d51libarchive-0:3.5.3-4.el9.aarch64

libarchive is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225252004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libarchiveaarch64(none)4.el93.5.30:3.5.3-4.el9199e2f91fd431d51libarchive-0:3.5.3-4.el9.aarch64

libarchive-devel is earlier than 0:3.5.3-4.el9  oval:com.redhat.rhsa:tst:20232532005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252003 of type rpminfo_object
Name
libarchive-devel

libarchive-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252003 of type rpminfo_object
Name
libarchive-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232523
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssl is earlier than 1:3.0.7-6.el9_2  oval:com.redhat.rhsa:tst:20232523001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl-devel is earlier than 1:3.0.7-6.el9_2  oval:com.redhat.rhsa:tst:20232523003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-libs is earlier than 1:3.0.7-6.el9_2  oval:com.redhat.rhsa:tst:20232523005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-perl is earlier than 1:3.0.7-6.el9_2  oval:com.redhat.rhsa:tst:20232523007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl

openssl-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232519
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ctdb is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

ctdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

libnetapi is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519002 of type rpminfo_object
Name
libnetapi

libnetapi-devel is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libnetapi-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519003 of type rpminfo_object
Name
libnetapi-devel

libsmbclient is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient-devel is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libsmbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libwbclient is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient-devel is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

libwbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

python3-samba is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba-dc is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-dc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519009 of type rpminfo_object
Name
python3-samba-dc

python3-samba-devel is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519010 of type rpminfo_object
Name
python3-samba-devel

python3-samba-test is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

python3-samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519011 of type rpminfo_object
Name
python3-samba-test

samba is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba-client is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client-libs is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-client-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-common is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common-libs is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-tools is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-common-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-dc-libs is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dc-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519018 of type rpminfo_object
Name
samba-dc-libs

samba-dcerpc is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-dcerpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519019 of type rpminfo_object
Name
samba-dcerpc

samba-devel is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-krb5-printing is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-krb5-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-ldb-ldap-modules is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-ldb-ldap-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519022 of type rpminfo_object
Name
samba-ldb-ldap-modules

samba-libs is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-pidl is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-pidl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-test is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test-libs is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-test-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-tools is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519027 of type rpminfo_object
Name
samba-tools

samba-usershares is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-usershares is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232519056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232519028 of type rpminfo_object
Name
samba-usershares

samba-vfs-iouring is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-vfs-iouring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-winbind is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind-clients is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-krb5-locator is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-modules is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winbind-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winexe is earlier than 0:4.17.5-102.el9  oval:com.redhat.rhsa:tst:20232519067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe

samba-winexe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232502
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dhcp-client is earlier than 12:4.4.2-18.b1.el9  oval:com.redhat.rhsa:tst:20232502001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385001 of type rpminfo_object
Name
dhcp-client

dhcp-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385001 of type rpminfo_object
Name
dhcp-client

dhcp-common is earlier than 12:4.4.2-18.b1.el9  oval:com.redhat.rhsa:tst:20232502003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385002 of type rpminfo_object
Name
dhcp-common

dhcp-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385002 of type rpminfo_object
Name
dhcp-common

dhcp-relay is earlier than 12:4.4.2-18.b1.el9  oval:com.redhat.rhsa:tst:20232502005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385003 of type rpminfo_object
Name
dhcp-relay

dhcp-relay is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385003 of type rpminfo_object
Name
dhcp-relay

dhcp-server is earlier than 12:4.4.2-18.b1.el9  oval:com.redhat.rhsa:tst:20232502007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385004 of type rpminfo_object
Name
dhcp-server

dhcp-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385004 of type rpminfo_object
Name
dhcp-server
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232487
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

fwupd is earlier than 0:1.8.10-2.el9  oval:com.redhat.rhsa:tst:20232487001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
fwupdaarch64(none)1.el91.8.160:1.8.16-1.el9199e2f91fd431d51fwupd-0:1.8.16-1.el9.aarch64

fwupd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232487002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
fwupdaarch64(none)1.el91.8.160:1.8.16-1.el9199e2f91fd431d51fwupd-0:1.8.16-1.el9.aarch64

fwupd-devel is earlier than 0:1.8.10-2.el9  oval:com.redhat.rhsa:tst:20232487003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232487002 of type rpminfo_object
Name
fwupd-devel

fwupd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232487004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232487002 of type rpminfo_object
Name
fwupd-devel

fwupd-plugin-flashrom is earlier than 0:1.8.10-2.el9  oval:com.redhat.rhsa:tst:20232487005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
fwupd-plugin-flashromaarch64(none)1.el91.8.160:1.8.16-1.el9199e2f91fd431d51fwupd-plugin-flashrom-0:1.8.16-1.el9.aarch64

fwupd-plugin-flashrom is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232487006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
fwupd-plugin-flashromaarch64(none)1.el91.8.160:1.8.16-1.el9199e2f91fd431d51fwupd-plugin-flashrom-0:1.8.16-1.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232478
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-23.el9  oval:com.redhat.rhsa:tst:20232478001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-23.el9  oval:com.redhat.rhsa:tst:20232478003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-23.el9  oval:com.redhat.rhsa:tst:20232478005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-23.el9  oval:com.redhat.rhsa:tst:20232478007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-23.el9  oval:com.redhat.rhsa:tst:20232478009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232459
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

device-mapper-multipath is earlier than 0:0.8.7-20.el9  oval:com.redhat.rhsa:tst:20232459001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipathaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-0:0.8.7-22.el9.aarch64

device-mapper-multipath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227185002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipathaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-0:0.8.7-22.el9.aarch64

device-mapper-multipath-devel is earlier than 0:0.8.7-20.el9  oval:com.redhat.rhsa:tst:20232459003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232459002 of type rpminfo_object
Name
device-mapper-multipath-devel

device-mapper-multipath-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232459004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232459002 of type rpminfo_object
Name
device-mapper-multipath-devel

device-mapper-multipath-libs is earlier than 0:0.8.7-20.el9  oval:com.redhat.rhsa:tst:20232459005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipath-libsaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-libs-0:0.8.7-22.el9.aarch64

device-mapper-multipath-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232459006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipath-libsaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-libs-0:0.8.7-22.el9.aarch64

kpartx is earlier than 0:0.8.7-20.el9  oval:com.redhat.rhsa:tst:20232459007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kpartxaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51kpartx-0:0.8.7-22.el9.aarch64

kpartx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232459008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kpartxaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51kpartx-0:0.8.7-22.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232458
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-284.11.1.rt14.296.el9_2 is currently running  oval:com.redhat.rhsa:tst:20232148029  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-284.11.1.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20232458098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458051 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:7.0.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-64k is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458003 of type rpminfo_object
Name
kernel-64k

kernel-64k-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458004 of type rpminfo_object
Name
kernel-64k-core

kernel-64k-debug is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458005 of type rpminfo_object
Name
kernel-64k-debug

kernel-64k-debug-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458006 of type rpminfo_object
Name
kernel-64k-debug-core

kernel-64k-debug-devel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458007 of type rpminfo_object
Name
kernel-64k-debug-devel

kernel-64k-debug-devel-matched is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458008 of type rpminfo_object
Name
kernel-64k-debug-devel-matched

kernel-64k-debug-modules is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458009 of type rpminfo_object
Name
kernel-64k-debug-modules

kernel-64k-debug-modules-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458010 of type rpminfo_object
Name
kernel-64k-debug-modules-core

kernel-64k-debug-modules-extra is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458011 of type rpminfo_object
Name
kernel-64k-debug-modules-extra

kernel-64k-devel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458012 of type rpminfo_object
Name
kernel-64k-devel

kernel-64k-devel-matched is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458013 of type rpminfo_object
Name
kernel-64k-devel-matched

kernel-64k-modules is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458014 of type rpminfo_object
Name
kernel-64k-modules

kernel-64k-modules-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458015 of type rpminfo_object
Name
kernel-64k-modules-core

kernel-64k-modules-extra is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-64k-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458016 of type rpminfo_object
Name
kernel-64k-modules-extra

kernel-abi-stablelists is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458025 of type rpminfo_object
Name
kernel-debug-modules-core

kernel-debug-modules-extra is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-uki-virt is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-debug-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458027 of type rpminfo_object
Name
kernel-debug-uki-virt

kernel-devel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-headers is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-modules is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458063  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458065  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458066  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modules-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modules-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458069  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458071  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-uki-virt is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-uki-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458038 of type rpminfo_object
Name
kernel-uki-virt

kernel-zfcpdump is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-core is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458044 of type rpminfo_object
Name
kernel-zfcpdump-modules-core

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458093  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

rtla is earlier than 0:5.14.0-284.11.1.el9_2  oval:com.redhat.rhsa:tst:20232458095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla

rtla is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232458096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232458048 of type rpminfo_object
Name
rtla
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232453
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtpms is earlier than 0:0.9.1-3.20211126git1ff6fe1f43.el9_2  oval:com.redhat.rhsa:tst:20232453001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232453001 of type rpminfo_object
Name
libtpms

libtpms is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232453002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232453001 of type rpminfo_object
Name
libtpms
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232444
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

net-snmp is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444001 of type rpminfo_object
Name
net-snmp

net-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444001 of type rpminfo_object
Name
net-snmp

net-snmp-agent-libs is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444002 of type rpminfo_object
Name
net-snmp-agent-libs

net-snmp-agent-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444002 of type rpminfo_object
Name
net-snmp-agent-libs

net-snmp-devel is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444003 of type rpminfo_object
Name
net-snmp-devel

net-snmp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444003 of type rpminfo_object
Name
net-snmp-devel

net-snmp-libs is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
net-snmp-libsaarch64111.el9_3.15.9.11:5.9.1-11.el9_3.1199e2f91fd431d51net-snmp-libs-1:5.9.1-11.el9_3.1.aarch64

net-snmp-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
net-snmp-libsaarch64111.el9_3.15.9.11:5.9.1-11.el9_3.1199e2f91fd431d51net-snmp-libs-1:5.9.1-11.el9_3.1.aarch64

net-snmp-perl is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444005 of type rpminfo_object
Name
net-snmp-perl

net-snmp-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444005 of type rpminfo_object
Name
net-snmp-perl

net-snmp-utils is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444006 of type rpminfo_object
Name
net-snmp-utils

net-snmp-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444006 of type rpminfo_object
Name
net-snmp-utils

python3-net-snmp is earlier than 1:5.9.1-9.el9  oval:com.redhat.rhsa:tst:20232444013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444007 of type rpminfo_object
Name
python3-net-snmp

python3-net-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232444014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232444007 of type rpminfo_object
Name
python3-net-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232417
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module php:8.1 is enabled  oval:com.redhat.rhsa:tst:20232417063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417032 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/php.module\[php\][\w\W]*1

apcu-panel is earlier than 0:5.1.21-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417001 of type rpminfo_object
Name
apcu-panel

apcu-panel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417001 of type rpminfo_object
Name
apcu-panel

php is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php-bcmath is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-bcmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-cli is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-common is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-dba is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dbg is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-dbg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-devel is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-embedded is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-enchant is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-enchant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-ffi is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-ffi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-fpm is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-fpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-gd is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gmp is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-intl is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-intl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-ldap is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-mbstring is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mbstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mysqlnd is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-mysqlnd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-odbc is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-opcache is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-opcache is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-pdo is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pdo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pecl-apcu is earlier than 0:5.1.21-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417022 of type rpminfo_object
Name
php-pecl-apcu

php-pecl-apcu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417022 of type rpminfo_object
Name
php-pecl-apcu

php-pecl-apcu-devel is earlier than 0:5.1.21-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417023 of type rpminfo_object
Name
php-pecl-apcu-devel

php-pecl-apcu-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417023 of type rpminfo_object
Name
php-pecl-apcu-devel

php-pecl-rrd is earlier than 0:2.0.3-4.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417024 of type rpminfo_object
Name
php-pecl-rrd

php-pecl-rrd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417024 of type rpminfo_object
Name
php-pecl-rrd

php-pecl-xdebug3 is earlier than 0:3.1.4-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417025 of type rpminfo_object
Name
php-pecl-xdebug3

php-pecl-xdebug3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417025 of type rpminfo_object
Name
php-pecl-xdebug3

php-pecl-zip is earlier than 0:1.20.1-1.module+el9.1.0.z+15477+cb86791d  oval:com.redhat.rhsa:tst:20232417051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417026 of type rpminfo_object
Name
php-pecl-zip

php-pecl-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232417052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232417026 of type rpminfo_object
Name
php-pecl-zip

php-pgsql is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-process is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-process is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-snmp is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-soap is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-xml is earlier than 0:8.1.14-1.module+el9.2.0+17911+b059dfc2  oval:com.redhat.rhsa:tst:20232417061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml

php-xml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232378
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql-jdbc is earlier than 0:42.2.27-1.el9  oval:com.redhat.rhsa:tst:20232378001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230318001 of type rpminfo_object
Name
postgresql-jdbc

postgresql-jdbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230318002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230318001 of type rpminfo_object
Name
postgresql-jdbc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232373
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

wireshark is earlier than 1:3.4.10-4.el9  oval:com.redhat.rhsa:tst:20232373001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373001 of type rpminfo_object
Name
wireshark

wireshark is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232373002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373001 of type rpminfo_object
Name
wireshark

wireshark-cli is earlier than 1:3.4.10-4.el9  oval:com.redhat.rhsa:tst:20232373003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373002 of type rpminfo_object
Name
wireshark-cli

wireshark-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232373004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373002 of type rpminfo_object
Name
wireshark-cli

wireshark-devel is earlier than 1:3.4.10-4.el9  oval:com.redhat.rhsa:tst:20232373005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373003 of type rpminfo_object
Name
wireshark-devel

wireshark-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232373006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232373003 of type rpminfo_object
Name
wireshark-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232370
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-unbound is earlier than 0:1.16.2-3.el9  oval:com.redhat.rhsa:tst:20232370001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062001 of type rpminfo_object
Name
python3-unbound

python3-unbound is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062001 of type rpminfo_object
Name
python3-unbound

unbound is earlier than 0:1.16.2-3.el9  oval:com.redhat.rhsa:tst:20232370003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062002 of type rpminfo_object
Name
unbound

unbound is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062002 of type rpminfo_object
Name
unbound

unbound-devel is earlier than 0:1.16.2-3.el9  oval:com.redhat.rhsa:tst:20232370005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062003 of type rpminfo_object
Name
unbound-devel

unbound-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062003 of type rpminfo_object
Name
unbound-devel

unbound-libs is earlier than 0:1.16.2-3.el9  oval:com.redhat.rhsa:tst:20232370007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062004 of type rpminfo_object
Name
unbound-libs

unbound-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062004 of type rpminfo_object
Name
unbound-libs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232367
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

containernetworking-plugins is earlier than 1:1.2.0-1.el9  oval:com.redhat.rhsa:tst:20232367001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
containernetworking-pluginsaarch6416.el9_31.3.01:1.3.0-6.el9_3199e2f91fd431d51containernetworking-plugins-1:1.3.0-6.el9_3.aarch64

containernetworking-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232367002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
containernetworking-pluginsaarch6416.el9_31.3.01:1.3.0-6.el9_3199e2f91fd431d51containernetworking-plugins-1:1.3.0-6.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232366
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

emacs is earlier than 1:27.2-8.el9  oval:com.redhat.rhsa:tst:20232366001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074001 of type rpminfo_object
Name
emacs

emacs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074001 of type rpminfo_object
Name
emacs

emacs-common is earlier than 1:27.2-8.el9  oval:com.redhat.rhsa:tst:20232366003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074002 of type rpminfo_object
Name
emacs-common

emacs-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074002 of type rpminfo_object
Name
emacs-common

emacs-filesystem is earlier than 1:27.2-8.el9  oval:com.redhat.rhsa:tst:20232366005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
emacs-filesystemnoarch19.el927.21:27.2-9.el9199e2f91fd431d51emacs-filesystem-1:27.2-9.el9.noarch

emacs-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
emacs-filesystemnoarch19.el927.21:27.2-9.el9199e2f91fd431d51emacs-filesystem-1:27.2-9.el9.noarch

emacs-lucid is earlier than 1:27.2-8.el9  oval:com.redhat.rhsa:tst:20232366007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074004 of type rpminfo_object
Name
emacs-lucid

emacs-lucid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074004 of type rpminfo_object
Name
emacs-lucid

emacs-nox is earlier than 1:27.2-8.el9  oval:com.redhat.rhsa:tst:20232366009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074005 of type rpminfo_object
Name
emacs-nox

emacs-nox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074005 of type rpminfo_object
Name
emacs-nox
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232357
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

git-lfs is earlier than 0:3.2.0-1.el9  oval:com.redhat.rhsa:tst:20232357001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232357001 of type rpminfo_object
Name
git-lfs

git-lfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232357002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232357001 of type rpminfo_object
Name
git-lfs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232340
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtiff is earlier than 0:4.4.0-7.el9  oval:com.redhat.rhsa:tst:20232340001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff-devel is earlier than 0:4.4.0-7.el9  oval:com.redhat.rhsa:tst:20232340003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-tools is earlier than 0:4.4.0-7.el9  oval:com.redhat.rhsa:tst:20232340005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools

libtiff-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232326
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

freerdp is earlier than 2:2.4.1-5.el9  oval:com.redhat.rhsa:tst:20232326001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326001 of type rpminfo_object
Name
freerdp

freerdp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232326002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326001 of type rpminfo_object
Name
freerdp

freerdp-devel is earlier than 2:2.4.1-5.el9  oval:com.redhat.rhsa:tst:20232326003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326002 of type rpminfo_object
Name
freerdp-devel

freerdp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232326004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326002 of type rpminfo_object
Name
freerdp-devel

freerdp-libs is earlier than 2:2.4.1-5.el9  oval:com.redhat.rhsa:tst:20232326005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326003 of type rpminfo_object
Name
freerdp-libs

freerdp-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232326006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326003 of type rpminfo_object
Name
freerdp-libs

libwinpr is earlier than 2:2.4.1-5.el9  oval:com.redhat.rhsa:tst:20232326007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326004 of type rpminfo_object
Name
libwinpr

libwinpr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232326008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326004 of type rpminfo_object
Name
libwinpr

libwinpr-devel is earlier than 2:2.4.1-5.el9  oval:com.redhat.rhsa:tst:20232326009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326005 of type rpminfo_object
Name
libwinpr-devel

libwinpr-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232326010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232326005 of type rpminfo_object
Name
libwinpr-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232319
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

git is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gitaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-0:2.39.3-1.el9_2.aarch64

git is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gitaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-0:2.39.3-1.el9_2.aarch64

git-all is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611002 of type rpminfo_object
Name
git-all

git-all is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611002 of type rpminfo_object
Name
git-all

git-core is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-coreaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-0:2.39.3-1.el9_2.aarch64

git-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-coreaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-0:2.39.3-1.el9_2.aarch64

git-core-doc is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-core-docnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-doc-0:2.39.3-1.el9_2.noarch

git-core-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-core-docnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-doc-0:2.39.3-1.el9_2.noarch

git-credential-libsecret is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611005 of type rpminfo_object
Name
git-credential-libsecret

git-credential-libsecret is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611005 of type rpminfo_object
Name
git-credential-libsecret

git-daemon is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611006 of type rpminfo_object
Name
git-daemon

git-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611006 of type rpminfo_object
Name
git-daemon

git-email is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611007 of type rpminfo_object
Name
git-email

git-email is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611007 of type rpminfo_object
Name
git-email

git-gui is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611008 of type rpminfo_object
Name
git-gui

git-gui is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611008 of type rpminfo_object
Name
git-gui

git-instaweb is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611009 of type rpminfo_object
Name
git-instaweb

git-instaweb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611009 of type rpminfo_object
Name
git-instaweb

git-subtree is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611010 of type rpminfo_object
Name
git-subtree

git-subtree is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611010 of type rpminfo_object
Name
git-subtree

git-svn is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611011 of type rpminfo_object
Name
git-svn

git-svn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611011 of type rpminfo_object
Name
git-svn

gitk is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611012 of type rpminfo_object
Name
gitk

gitk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611012 of type rpminfo_object
Name
gitk

gitweb is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611013 of type rpminfo_object
Name
gitweb

gitweb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611013 of type rpminfo_object
Name
gitweb

perl-Git is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-Gitnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51perl-Git-0:2.39.3-1.el9_2.noarch

perl-Git is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611028  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-Gitnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51perl-Git-0:2.39.3-1.el9_2.noarch

perl-Git-SVN is earlier than 0:2.39.1-1.el9  oval:com.redhat.rhsa:tst:20232319029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611015 of type rpminfo_object
Name
perl-Git-SVN

perl-Git-SVN is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611015 of type rpminfo_object
Name
perl-Git-SVN
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232312
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pki-jackson-databind is earlier than 0:2.14.1-2.el9  oval:com.redhat.rhsa:tst:20232312001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232312001 of type rpminfo_object
Name
pki-jackson-databind

pki-jackson-databind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232312002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232312001 of type rpminfo_object
Name
pki-jackson-databind
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232293
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

idm-pki-acme is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293001 of type rpminfo_object
Name
idm-pki-acme

idm-pki-acme is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293001 of type rpminfo_object
Name
idm-pki-acme

idm-pki-base is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293002 of type rpminfo_object
Name
idm-pki-base

idm-pki-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293002 of type rpminfo_object
Name
idm-pki-base

idm-pki-ca is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293003 of type rpminfo_object
Name
idm-pki-ca

idm-pki-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293003 of type rpminfo_object
Name
idm-pki-ca

idm-pki-est is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293004 of type rpminfo_object
Name
idm-pki-est

idm-pki-est is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293004 of type rpminfo_object
Name
idm-pki-est

idm-pki-java is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293005 of type rpminfo_object
Name
idm-pki-java

idm-pki-java is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293005 of type rpminfo_object
Name
idm-pki-java

idm-pki-kra is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293006 of type rpminfo_object
Name
idm-pki-kra

idm-pki-kra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293006 of type rpminfo_object
Name
idm-pki-kra

idm-pki-server is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293007 of type rpminfo_object
Name
idm-pki-server

idm-pki-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293007 of type rpminfo_object
Name
idm-pki-server

idm-pki-tools is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293008 of type rpminfo_object
Name
idm-pki-tools

idm-pki-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293008 of type rpminfo_object
Name
idm-pki-tools

python3-idm-pki is earlier than 0:11.3.0-1.el9  oval:com.redhat.rhsa:tst:20232293017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293009 of type rpminfo_object
Name
python3-idm-pki

python3-idm-pki is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232293018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232293009 of type rpminfo_object
Name
python3-idm-pki
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232283
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

skopeo is earlier than 2:1.11.2-0.1.el9  oval:com.redhat.rhsa:tst:20232283001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo-tests is earlier than 2:1.11.2-0.1.el9  oval:com.redhat.rhsa:tst:20232283003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests

skopeo-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232282
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

podman is earlier than 2:4.4.1-3.el9  oval:com.redhat.rhsa:tst:20232282001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman-docker is earlier than 2:4.4.1-3.el9  oval:com.redhat.rhsa:tst:20232282003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-docker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-gvproxy is earlier than 2:4.4.1-3.el9  oval:com.redhat.rhsa:tst:20232282005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-gvproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-plugins is earlier than 2:4.4.1-3.el9  oval:com.redhat.rhsa:tst:20232282007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-remote is earlier than 2:4.4.1-3.el9  oval:com.redhat.rhsa:tst:20232282009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-tests is earlier than 2:4.4.1-3.el9  oval:com.redhat.rhsa:tst:20232282011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests

podman-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232261
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bind is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind-chroot is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-chroot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-devel is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-dnssec-doc is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-utils is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-dnssec-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-doc is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228068012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-libs is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-license is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-utils is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

bind-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

python3-bind is earlier than 32:9.16.23-11.el9  oval:com.redhat.rhsa:tst:20232261019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind

python3-bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232260
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gstreamer1-plugins-good is earlier than 0:1.18.4-6.el9  oval:com.redhat.rhsa:tst:20232260001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gstreamer1-plugins-goodaarch64(none)1.el91.22.10:1.22.1-1.el9199e2f91fd431d51gstreamer1-plugins-good-0:1.22.1-1.el9.aarch64

gstreamer1-plugins-good is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232260002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gstreamer1-plugins-goodaarch64(none)1.el91.22.10:1.22.1-1.el9199e2f91fd431d51gstreamer1-plugins-good-0:1.22.1-1.el9.aarch64

gstreamer1-plugins-good-gtk is earlier than 0:1.18.4-6.el9  oval:com.redhat.rhsa:tst:20232260003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gstreamer1-plugins-good-gtkaarch64(none)1.el91.22.10:1.22.1-1.el9199e2f91fd431d51gstreamer1-plugins-good-gtk-0:1.22.1-1.el9.aarch64

gstreamer1-plugins-good-gtk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232260004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gstreamer1-plugins-good-gtkaarch64(none)1.el91.22.10:1.22.1-1.el9199e2f91fd431d51gstreamer1-plugins-good-gtk-0:1.22.1-1.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232259
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

poppler is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppleraarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-0:21.01.0-18.el9.aarch64

poppler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppleraarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-0:21.01.0-18.el9.aarch64

poppler-cpp is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-cppaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-cpp-0:21.01.0-18.el9.aarch64

poppler-cpp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-cppaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-cpp-0:21.01.0-18.el9.aarch64

poppler-cpp-devel is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151003 of type rpminfo_object
Name
poppler-cpp-devel

poppler-cpp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151003 of type rpminfo_object
Name
poppler-cpp-devel

poppler-devel is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151004 of type rpminfo_object
Name
poppler-devel

poppler-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151004 of type rpminfo_object
Name
poppler-devel

poppler-glib is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-glibaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-glib-0:21.01.0-18.el9.aarch64

poppler-glib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-glibaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-glib-0:21.01.0-18.el9.aarch64

poppler-glib-devel is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151006 of type rpminfo_object
Name
poppler-glib-devel

poppler-glib-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151006 of type rpminfo_object
Name
poppler-glib-devel

poppler-qt5 is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151007 of type rpminfo_object
Name
poppler-qt5

poppler-qt5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151007 of type rpminfo_object
Name
poppler-qt5

poppler-qt5-devel is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151008 of type rpminfo_object
Name
poppler-qt5-devel

poppler-qt5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151008 of type rpminfo_object
Name
poppler-qt5-devel

poppler-utils is earlier than 0:21.01.0-14.el9  oval:com.redhat.rhsa:tst:20232259017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-utilsaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-utils-0:21.01.0-18.el9.aarch64

poppler-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-utilsaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-utils-0:21.01.0-18.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232258
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-mako is earlier than 0:1.1.4-6.el9  oval:com.redhat.rhsa:tst:20232258001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232258001 of type rpminfo_object
Name
python3-mako

python3-mako is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232258002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232258001 of type rpminfo_object
Name
python3-mako
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232257
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tigervnc is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc-icons is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-icons is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-license is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-selinux is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-server is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server-minimal is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-module is earlier than 0:1.12.0-13.el9_2  oval:com.redhat.rhsa:tst:20232257013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module

tigervnc-server-module is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232256
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.38.5-1.el9  oval:com.redhat.rhsa:tst:20232256001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.38.5-1.el9  oval:com.redhat.rhsa:tst:20232256003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.38.5-1.el9  oval:com.redhat.rhsa:tst:20232256005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.38.5-1.el9  oval:com.redhat.rhsa:tst:20232256007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232253
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

buildah is earlier than 1:1.29.1-1.el9  oval:com.redhat.rhsa:tst:20232253001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah-tests is earlier than 1:1.29.1-1.el9  oval:com.redhat.rhsa:tst:20232253003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests

buildah-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232249
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xorg-x11-server-Xwayland is earlier than 0:21.1.3-7.el9  oval:com.redhat.rhsa:tst:20232249001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xwaylandaarch64(none)2.el922.1.90:22.1.9-2.el9199e2f91fd431d51xorg-x11-server-Xwayland-0:22.1.9-2.el9.aarch64

xorg-x11-server-Xwayland is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228222002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xwaylandaarch64(none)2.el922.1.90:22.1.9-2.el9199e2f91fd431d51xorg-x11-server-Xwayland-0:22.1.9-2.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232248
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xorg-x11-server-Xdmx is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221001 of type rpminfo_object
Name
xorg-x11-server-Xdmx

xorg-x11-server-Xdmx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221001 of type rpminfo_object
Name
xorg-x11-server-Xdmx

xorg-x11-server-Xephyr is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221002 of type rpminfo_object
Name
xorg-x11-server-Xephyr

xorg-x11-server-Xephyr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221002 of type rpminfo_object
Name
xorg-x11-server-Xephyr

xorg-x11-server-Xnest is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221003 of type rpminfo_object
Name
xorg-x11-server-Xnest

xorg-x11-server-Xnest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221003 of type rpminfo_object
Name
xorg-x11-server-Xnest

xorg-x11-server-Xorg is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xorgaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-Xorg-0:1.20.11-19.el9.aarch64

xorg-x11-server-Xorg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xorgaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-Xorg-0:1.20.11-19.el9.aarch64

xorg-x11-server-Xvfb is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221005 of type rpminfo_object
Name
xorg-x11-server-Xvfb

xorg-x11-server-Xvfb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221005 of type rpminfo_object
Name
xorg-x11-server-Xvfb

xorg-x11-server-common is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-commonaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-common-0:1.20.11-19.el9.aarch64

xorg-x11-server-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-commonaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-common-0:1.20.11-19.el9.aarch64

xorg-x11-server-devel is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221007 of type rpminfo_object
Name
xorg-x11-server-devel

xorg-x11-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221007 of type rpminfo_object
Name
xorg-x11-server-devel

xorg-x11-server-source is earlier than 0:1.20.11-17.el9  oval:com.redhat.rhsa:tst:20232248015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221008 of type rpminfo_object
Name
xorg-x11-server-source

xorg-x11-server-source is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221008 of type rpminfo_object
Name
xorg-x11-server-source
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232236
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

toolbox is earlier than 0:0.0.99.3-9.el9  oval:com.redhat.rhsa:tst:20232236001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox-tests is earlier than 0:0.0.99.3-9.el9  oval:com.redhat.rhsa:tst:20232236003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests

toolbox-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232234
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

sysstat is earlier than 0:12.5.4-5.el9  oval:com.redhat.rhsa:tst:20232234001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232234001 of type rpminfo_object
Name
sysstat

sysstat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232234002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232234001 of type rpminfo_object
Name
sysstat
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232222
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

conmon is earlier than 2:2.1.7-1.el9_2  oval:com.redhat.rhsa:tst:20232222001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
conmonaarch6421.el92.1.82:2.1.8-1.el9199e2f91fd431d51conmon-2:2.1.8-1.el9.aarch64

conmon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232222002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
conmonaarch6421.el92.1.82:2.1.8-1.el9199e2f91fd431d51conmon-2:2.1.8-1.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232216
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gdk-pixbuf2 is earlier than 0:2.42.6-3.el9  oval:com.redhat.rhsa:tst:20232216001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gdk-pixbuf2aarch64(none)3.el92.42.60:2.42.6-3.el9199e2f91fd431d51gdk-pixbuf2-0:2.42.6-3.el9.aarch64

gdk-pixbuf2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232216002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gdk-pixbuf2aarch64(none)3.el92.42.60:2.42.6-3.el9199e2f91fd431d51gdk-pixbuf2-0:2.42.6-3.el9.aarch64

gdk-pixbuf2-devel is earlier than 0:2.42.6-3.el9  oval:com.redhat.rhsa:tst:20232216003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232216002 of type rpminfo_object
Name
gdk-pixbuf2-devel

gdk-pixbuf2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232216004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232216002 of type rpminfo_object
Name
gdk-pixbuf2-devel

gdk-pixbuf2-modules is earlier than 0:2.42.6-3.el9  oval:com.redhat.rhsa:tst:20232216005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gdk-pixbuf2-modulesaarch64(none)3.el92.42.60:2.42.6-3.el9199e2f91fd431d51gdk-pixbuf2-modules-0:2.42.6-3.el9.aarch64

gdk-pixbuf2-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232216006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gdk-pixbuf2-modulesaarch64(none)3.el92.42.60:2.42.6-3.el9199e2f91fd431d51gdk-pixbuf2-modules-0:2.42.6-3.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232204
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

weldr-client is earlier than 0:35.9-1.el9  oval:com.redhat.rhsa:tst:20232204001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227950001 of type rpminfo_object
Name
weldr-client

weldr-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227950002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227950001 of type rpminfo_object
Name
weldr-client

osbuild-composer is earlier than 0:76-2.el9_2  oval:com.redhat.rhsa:tst:20232204003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204002 of type rpminfo_object
Name
osbuild-composer

osbuild-composer is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232204004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204002 of type rpminfo_object
Name
osbuild-composer

osbuild-composer-core is earlier than 0:76-2.el9_2  oval:com.redhat.rhsa:tst:20232204005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204003 of type rpminfo_object
Name
osbuild-composer-core

osbuild-composer-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232204006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204003 of type rpminfo_object
Name
osbuild-composer-core

osbuild-composer-dnf-json is earlier than 0:76-2.el9_2  oval:com.redhat.rhsa:tst:20232204007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204004 of type rpminfo_object
Name
osbuild-composer-dnf-json

osbuild-composer-dnf-json is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232204008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204004 of type rpminfo_object
Name
osbuild-composer-dnf-json

osbuild-composer-worker is earlier than 0:76-2.el9_2  oval:com.redhat.rhsa:tst:20232204009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204005 of type rpminfo_object
Name
osbuild-composer-worker

osbuild-composer-worker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232204010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232204005 of type rpminfo_object
Name
osbuild-composer-worker
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232202
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

frr is earlier than 0:8.3.1-5.el9  oval:com.redhat.rhsa:tst:20232202001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228112002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr-selinux is earlier than 0:8.3.1-5.el9  oval:com.redhat.rhsa:tst:20232202003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux

frr-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232202004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232202002 of type rpminfo_object
Name
frr-selinux
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232193
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

butane is earlier than 0:0.16.0-1.el9  oval:com.redhat.rhsa:tst:20232193001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232193001 of type rpminfo_object
Name
butane

butane is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232193002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232193001 of type rpminfo_object
Name
butane
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232179
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libguestfs-winsupport is earlier than 0:9.2-1.el9  oval:com.redhat.rhsa:tst:20232179001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232179001 of type rpminfo_object
Name
libguestfs-winsupport

libguestfs-winsupport is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232179002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232179001 of type rpminfo_object
Name
libguestfs-winsupport
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232177
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana-pcp is earlier than 0:5.1.1-1.el9  oval:com.redhat.rhsa:tst:20232177001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228250001 of type rpminfo_object
Name
grafana-pcp

grafana-pcp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228250002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228250001 of type rpminfo_object
Name
grafana-pcp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232167
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana is earlier than 0:9.0.9-2.el9  oval:com.redhat.rhsa:tst:20232167001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana

grafana is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225716002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232166
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

freeradius is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166001 of type rpminfo_object
Name
freeradius

freeradius is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166001 of type rpminfo_object
Name
freeradius

freeradius-devel is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166002 of type rpminfo_object
Name
freeradius-devel

freeradius-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166002 of type rpminfo_object
Name
freeradius-devel

freeradius-doc is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166003 of type rpminfo_object
Name
freeradius-doc

freeradius-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166003 of type rpminfo_object
Name
freeradius-doc

freeradius-krb5 is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166004 of type rpminfo_object
Name
freeradius-krb5

freeradius-krb5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166004 of type rpminfo_object
Name
freeradius-krb5

freeradius-ldap is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166005 of type rpminfo_object
Name
freeradius-ldap

freeradius-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166005 of type rpminfo_object
Name
freeradius-ldap

freeradius-mysql is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166006 of type rpminfo_object
Name
freeradius-mysql

freeradius-mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166006 of type rpminfo_object
Name
freeradius-mysql

freeradius-perl is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166007 of type rpminfo_object
Name
freeradius-perl

freeradius-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166007 of type rpminfo_object
Name
freeradius-perl

freeradius-postgresql is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166008 of type rpminfo_object
Name
freeradius-postgresql

freeradius-postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166008 of type rpminfo_object
Name
freeradius-postgresql

freeradius-rest is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166009 of type rpminfo_object
Name
freeradius-rest

freeradius-rest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166009 of type rpminfo_object
Name
freeradius-rest

freeradius-sqlite is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166010 of type rpminfo_object
Name
freeradius-sqlite

freeradius-sqlite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166010 of type rpminfo_object
Name
freeradius-sqlite

freeradius-unixODBC is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166011 of type rpminfo_object
Name
freeradius-unixODBC

freeradius-unixODBC is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166011 of type rpminfo_object
Name
freeradius-unixODBC

freeradius-utils is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166012 of type rpminfo_object
Name
freeradius-utils

freeradius-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166012 of type rpminfo_object
Name
freeradius-utils

python3-freeradius is earlier than 0:3.0.21-37.el9  oval:com.redhat.rhsa:tst:20232166025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166013 of type rpminfo_object
Name
python3-freeradius

python3-freeradius is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232166026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232166013 of type rpminfo_object
Name
python3-freeradius
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232165
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

edk2-aarch64 is earlier than 0:20221207gitfff6d81270b5-9.el9_2  oval:com.redhat.rhsa:tst:20232165001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165001 of type rpminfo_object
Name
edk2-aarch64

edk2-aarch64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165001 of type rpminfo_object
Name
edk2-aarch64

edk2-ovmf is earlier than 0:20221207gitfff6d81270b5-9.el9_2  oval:com.redhat.rhsa:tst:20232165003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165002 of type rpminfo_object
Name
edk2-ovmf

edk2-ovmf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165002 of type rpminfo_object
Name
edk2-ovmf

edk2-tools is earlier than 0:20221207gitfff6d81270b5-9.el9_2  oval:com.redhat.rhsa:tst:20232165005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165003 of type rpminfo_object
Name
edk2-tools

edk2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165003 of type rpminfo_object
Name
edk2-tools

edk2-tools-doc is earlier than 0:20221207gitfff6d81270b5-9.el9_2  oval:com.redhat.rhsa:tst:20232165007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165004 of type rpminfo_object
Name
edk2-tools-doc

edk2-tools-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232165008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232165004 of type rpminfo_object
Name
edk2-tools-doc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232162
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qemu-guest-agent is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-guest-agent is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-img is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-img is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-kvm is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm-audio-pa is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-audio-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-block-curl is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-rbd is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-block-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-common is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-core is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-device-display-virtio-gpu is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu-ccw is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-ccw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-pci is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-vga is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-usb-host is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-redirect is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-device-usb-redirect is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-docs is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-tools is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-ui-egl-headless is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-egl-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-opengl is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-kvm-ui-opengl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-pr-helper is earlier than 17:7.2.0-14.el9_2  oval:com.redhat.rhsa:tst:20232162037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper

qemu-pr-helper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232161
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

fence-agents-aliyun is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161001 of type rpminfo_object
Name
fence-agents-aliyun

fence-agents-aliyun is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161001 of type rpminfo_object
Name
fence-agents-aliyun

fence-agents-all is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161002 of type rpminfo_object
Name
fence-agents-all

fence-agents-all is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161002 of type rpminfo_object
Name
fence-agents-all

fence-agents-amt-ws is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161003 of type rpminfo_object
Name
fence-agents-amt-ws

fence-agents-amt-ws is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161003 of type rpminfo_object
Name
fence-agents-amt-ws

fence-agents-apc is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161004 of type rpminfo_object
Name
fence-agents-apc

fence-agents-apc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161004 of type rpminfo_object
Name
fence-agents-apc

fence-agents-apc-snmp is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161005 of type rpminfo_object
Name
fence-agents-apc-snmp

fence-agents-apc-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161005 of type rpminfo_object
Name
fence-agents-apc-snmp

fence-agents-aws is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161006 of type rpminfo_object
Name
fence-agents-aws

fence-agents-aws is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161006 of type rpminfo_object
Name
fence-agents-aws

fence-agents-azure-arm is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161007 of type rpminfo_object
Name
fence-agents-azure-arm

fence-agents-azure-arm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161007 of type rpminfo_object
Name
fence-agents-azure-arm

fence-agents-bladecenter is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161008 of type rpminfo_object
Name
fence-agents-bladecenter

fence-agents-bladecenter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161008 of type rpminfo_object
Name
fence-agents-bladecenter

fence-agents-brocade is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161009 of type rpminfo_object
Name
fence-agents-brocade

fence-agents-brocade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161009 of type rpminfo_object
Name
fence-agents-brocade

fence-agents-cisco-mds is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161010 of type rpminfo_object
Name
fence-agents-cisco-mds

fence-agents-cisco-mds is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161010 of type rpminfo_object
Name
fence-agents-cisco-mds

fence-agents-cisco-ucs is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161011 of type rpminfo_object
Name
fence-agents-cisco-ucs

fence-agents-cisco-ucs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161011 of type rpminfo_object
Name
fence-agents-cisco-ucs

fence-agents-common is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161012 of type rpminfo_object
Name
fence-agents-common

fence-agents-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161012 of type rpminfo_object
Name
fence-agents-common

fence-agents-compute is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161013 of type rpminfo_object
Name
fence-agents-compute

fence-agents-compute is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161013 of type rpminfo_object
Name
fence-agents-compute

fence-agents-drac5 is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161014 of type rpminfo_object
Name
fence-agents-drac5

fence-agents-drac5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161014 of type rpminfo_object
Name
fence-agents-drac5

fence-agents-eaton-snmp is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161015 of type rpminfo_object
Name
fence-agents-eaton-snmp

fence-agents-eaton-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161015 of type rpminfo_object
Name
fence-agents-eaton-snmp

fence-agents-emerson is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161016 of type rpminfo_object
Name
fence-agents-emerson

fence-agents-emerson is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161016 of type rpminfo_object
Name
fence-agents-emerson

fence-agents-eps is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161017 of type rpminfo_object
Name
fence-agents-eps

fence-agents-eps is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161017 of type rpminfo_object
Name
fence-agents-eps

fence-agents-gce is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161018 of type rpminfo_object
Name
fence-agents-gce

fence-agents-gce is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161018 of type rpminfo_object
Name
fence-agents-gce

fence-agents-heuristics-ping is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161019 of type rpminfo_object
Name
fence-agents-heuristics-ping

fence-agents-heuristics-ping is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161019 of type rpminfo_object
Name
fence-agents-heuristics-ping

fence-agents-hpblade is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161020 of type rpminfo_object
Name
fence-agents-hpblade

fence-agents-hpblade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161020 of type rpminfo_object
Name
fence-agents-hpblade

fence-agents-ibm-powervs is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161021 of type rpminfo_object
Name
fence-agents-ibm-powervs

fence-agents-ibm-powervs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161021 of type rpminfo_object
Name
fence-agents-ibm-powervs

fence-agents-ibm-vpc is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161022 of type rpminfo_object
Name
fence-agents-ibm-vpc

fence-agents-ibm-vpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161022 of type rpminfo_object
Name
fence-agents-ibm-vpc

fence-agents-ibmblade is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161023 of type rpminfo_object
Name
fence-agents-ibmblade

fence-agents-ibmblade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161023 of type rpminfo_object
Name
fence-agents-ibmblade

fence-agents-ifmib is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161024 of type rpminfo_object
Name
fence-agents-ifmib

fence-agents-ifmib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161024 of type rpminfo_object
Name
fence-agents-ifmib

fence-agents-ilo-moonshot is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161025 of type rpminfo_object
Name
fence-agents-ilo-moonshot

fence-agents-ilo-moonshot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161025 of type rpminfo_object
Name
fence-agents-ilo-moonshot

fence-agents-ilo-mp is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161026 of type rpminfo_object
Name
fence-agents-ilo-mp

fence-agents-ilo-mp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161026 of type rpminfo_object
Name
fence-agents-ilo-mp

fence-agents-ilo-ssh is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161027 of type rpminfo_object
Name
fence-agents-ilo-ssh

fence-agents-ilo-ssh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161027 of type rpminfo_object
Name
fence-agents-ilo-ssh

fence-agents-ilo2 is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161028 of type rpminfo_object
Name
fence-agents-ilo2

fence-agents-ilo2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161028 of type rpminfo_object
Name
fence-agents-ilo2

fence-agents-intelmodular is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161029 of type rpminfo_object
Name
fence-agents-intelmodular

fence-agents-intelmodular is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161029 of type rpminfo_object
Name
fence-agents-intelmodular

fence-agents-ipdu is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161030 of type rpminfo_object
Name
fence-agents-ipdu

fence-agents-ipdu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161060  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161030 of type rpminfo_object
Name
fence-agents-ipdu

fence-agents-ipmilan is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161031 of type rpminfo_object
Name
fence-agents-ipmilan

fence-agents-ipmilan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161062  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161031 of type rpminfo_object
Name
fence-agents-ipmilan

fence-agents-kdump is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161032 of type rpminfo_object
Name
fence-agents-kdump

fence-agents-kdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161064  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161032 of type rpminfo_object
Name
fence-agents-kdump

fence-agents-kubevirt is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161033 of type rpminfo_object
Name
fence-agents-kubevirt

fence-agents-kubevirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161066  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161033 of type rpminfo_object
Name
fence-agents-kubevirt

fence-agents-lpar is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161034 of type rpminfo_object
Name
fence-agents-lpar

fence-agents-lpar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161068  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161034 of type rpminfo_object
Name
fence-agents-lpar

fence-agents-mpath is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161035 of type rpminfo_object
Name
fence-agents-mpath

fence-agents-mpath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161070  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161035 of type rpminfo_object
Name
fence-agents-mpath

fence-agents-openstack is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161036 of type rpminfo_object
Name
fence-agents-openstack

fence-agents-openstack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161072  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161036 of type rpminfo_object
Name
fence-agents-openstack

fence-agents-redfish is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161037 of type rpminfo_object
Name
fence-agents-redfish

fence-agents-redfish is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161074  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161037 of type rpminfo_object
Name
fence-agents-redfish

fence-agents-rhevm is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161038 of type rpminfo_object
Name
fence-agents-rhevm

fence-agents-rhevm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161038 of type rpminfo_object
Name
fence-agents-rhevm

fence-agents-rsa is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161039 of type rpminfo_object
Name
fence-agents-rsa

fence-agents-rsa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161078  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161039 of type rpminfo_object
Name
fence-agents-rsa

fence-agents-rsb is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161040 of type rpminfo_object
Name
fence-agents-rsb

fence-agents-rsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161080  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161040 of type rpminfo_object
Name
fence-agents-rsb

fence-agents-sbd is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161041 of type rpminfo_object
Name
fence-agents-sbd

fence-agents-sbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161082  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161041 of type rpminfo_object
Name
fence-agents-sbd

fence-agents-scsi is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161042 of type rpminfo_object
Name
fence-agents-scsi

fence-agents-scsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161084  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161042 of type rpminfo_object
Name
fence-agents-scsi

fence-agents-virsh is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161043 of type rpminfo_object
Name
fence-agents-virsh

fence-agents-virsh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161086  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161043 of type rpminfo_object
Name
fence-agents-virsh

fence-agents-vmware-rest is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161044 of type rpminfo_object
Name
fence-agents-vmware-rest

fence-agents-vmware-rest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161044 of type rpminfo_object
Name
fence-agents-vmware-rest

fence-agents-vmware-soap is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161045 of type rpminfo_object
Name
fence-agents-vmware-soap

fence-agents-vmware-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161090  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161045 of type rpminfo_object
Name
fence-agents-vmware-soap

fence-agents-wti is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161046 of type rpminfo_object
Name
fence-agents-wti

fence-agents-wti is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161046 of type rpminfo_object
Name
fence-agents-wti

fence-agents-zvm is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161047 of type rpminfo_object
Name
fence-agents-zvm

fence-agents-zvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161094  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161047 of type rpminfo_object
Name
fence-agents-zvm

fence-virt is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161048 of type rpminfo_object
Name
fence-virt

fence-virt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161048 of type rpminfo_object
Name
fence-virt

fence-virtd is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161097  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161049 of type rpminfo_object
Name
fence-virtd

fence-virtd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161049 of type rpminfo_object
Name
fence-virtd

fence-virtd-cpg is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161099  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161050 of type rpminfo_object
Name
fence-virtd-cpg

fence-virtd-cpg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161100  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161050 of type rpminfo_object
Name
fence-virtd-cpg

fence-virtd-libvirt is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161101  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161051 of type rpminfo_object
Name
fence-virtd-libvirt

fence-virtd-libvirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161102  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161051 of type rpminfo_object
Name
fence-virtd-libvirt

fence-virtd-multicast is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161103  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161052 of type rpminfo_object
Name
fence-virtd-multicast

fence-virtd-multicast is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161104  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161052 of type rpminfo_object
Name
fence-virtd-multicast

fence-virtd-serial is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161105  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161053 of type rpminfo_object
Name
fence-virtd-serial

fence-virtd-serial is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161106  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161053 of type rpminfo_object
Name
fence-virtd-serial

fence-virtd-tcp is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161107  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161054 of type rpminfo_object
Name
fence-virtd-tcp

fence-virtd-tcp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161108  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161054 of type rpminfo_object
Name
fence-virtd-tcp

ha-cloud-support is earlier than 0:4.10.0-43.el9  oval:com.redhat.rhsa:tst:20232161109  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161055 of type rpminfo_object
Name
ha-cloud-support

ha-cloud-support is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232161110  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232161055 of type rpminfo_object
Name
ha-cloud-support
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232148
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-284.11.1.rt14.296.el9_2 is currently running  oval:com.redhat.rhsa:tst:20232148029  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-284.11.1.rt14.296.el9_2 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20232148030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148017 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-core is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148008 of type rpminfo_object
Name
kernel-rt-debug-modules-core

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-core is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232148026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232148013 of type rpminfo_object
Name
kernel-rt-modules-core

kernel-rt-modules-extra is earlier than 0:5.14.0-284.11.1.rt14.296.el9_2  oval:com.redhat.rhsa:tst:20232148027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232127
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ctdb is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

ctdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

libsmbclient is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient-devel is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libsmbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libwbclient is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient-devel is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

libwbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

python3-samba is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

samba is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba-client is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client-libs is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-client-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-common is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common-libs is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-tools is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-common-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-devel is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-krb5-printing is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-krb5-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-libs is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-pidl is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-pidl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-test is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test-libs is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-test-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-vfs-iouring is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-vfs-iouring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-winbind is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind-clients is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-krb5-locator is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-modules is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winbind-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winexe is earlier than 0:4.16.4-103.el9_1  oval:com.redhat.rhsa:tst:20232127047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe

samba-winexe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232120
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libreswan is earlier than 0:4.6-3.el9_1.1  oval:com.redhat.rhsa:tst:20232120001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan

libreswan is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232120002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232120001 of type rpminfo_object
Name
libreswan
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232078
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libwebp is earlier than 0:1.2.0-6.el9_1  oval:com.redhat.rhsa:tst:20232078001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwebpaarch64(none)8.el9_31.2.00:1.2.0-8.el9_3199e2f91fd431d51libwebp-0:1.2.0-8.el9_3.aarch64

libwebp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232078002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwebpaarch64(none)8.el9_31.2.00:1.2.0-8.el9_3199e2f91fd431d51libwebp-0:1.2.0-8.el9_3.aarch64

libwebp-devel is earlier than 0:1.2.0-6.el9_1  oval:com.redhat.rhsa:tst:20232078003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232078002 of type rpminfo_object
Name
libwebp-devel

libwebp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232078004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232078002 of type rpminfo_object
Name
libwebp-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20232074
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

emacs is earlier than 1:27.2-6.el9_1.1  oval:com.redhat.rhsa:tst:20232074001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074001 of type rpminfo_object
Name
emacs

emacs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074001 of type rpminfo_object
Name
emacs

emacs-common is earlier than 1:27.2-6.el9_1.1  oval:com.redhat.rhsa:tst:20232074003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074002 of type rpminfo_object
Name
emacs-common

emacs-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074002 of type rpminfo_object
Name
emacs-common

emacs-filesystem is earlier than 1:27.2-6.el9_1.1  oval:com.redhat.rhsa:tst:20232074005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
emacs-filesystemnoarch19.el927.21:27.2-9.el9199e2f91fd431d51emacs-filesystem-1:27.2-9.el9.noarch

emacs-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
emacs-filesystemnoarch19.el927.21:27.2-9.el9199e2f91fd431d51emacs-filesystem-1:27.2-9.el9.noarch

emacs-lucid is earlier than 1:27.2-6.el9_1.1  oval:com.redhat.rhsa:tst:20232074007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074004 of type rpminfo_object
Name
emacs-lucid

emacs-lucid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074004 of type rpminfo_object
Name
emacs-lucid

emacs-nox is earlier than 1:27.2-6.el9_1.1  oval:com.redhat.rhsa:tst:20232074009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074005 of type rpminfo_object
Name
emacs-nox

emacs-nox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20232074010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20232074005 of type rpminfo_object
Name
emacs-nox
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231918
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.36.7-1.el9_1.3  oval:com.redhat.rhsa:tst:20231918001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.36.7-1.el9_1.3  oval:com.redhat.rhsa:tst:20231918003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.36.7-1.el9_1.3  oval:com.redhat.rhsa:tst:20231918005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.36.7-1.el9_1.3  oval:com.redhat.rhsa:tst:20231918007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231909
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.372.b07-1.el9_1  oval:com.redhat.rhsa:tst:20231909033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231880
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.19.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231880045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231879
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.7.0.7-1.el9_1  oval:com.redhat.rhsa:tst:20231879045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231809
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.10.0-2.el9_1  oval:com.redhat.rhsa:tst:20231809001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231786
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.10.0-1.el9_1  oval:com.redhat.rhsa:tst:20231786001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.10.0-1.el9_1  oval:com.redhat.rhsa:tst:20231786003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231703
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.23.1.rt21.186.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231691025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-162.23.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231703056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231703030 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-modules is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-162.23.1.el9_1  oval:com.redhat.rhsa:tst:20231703053  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231701
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-19.el9_1.2  oval:com.redhat.rhsa:tst:20231701001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-19.el9_1.2  oval:com.redhat.rhsa:tst:20231701003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-19.el9_1.2  oval:com.redhat.rhsa:tst:20231701005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-19.el9_1.2  oval:com.redhat.rhsa:tst:20231701007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-19.el9_1.2  oval:com.redhat.rhsa:tst:20231701009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231696
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

haproxy is earlier than 0:2.4.17-3.el9_1.2  oval:com.redhat.rhsa:tst:20231696001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231696001 of type rpminfo_object
Name
haproxy

haproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231696002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231696001 of type rpminfo_object
Name
haproxy
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231693
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-docs is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693003 of type rpminfo_object
Name
postgresql-docs

postgresql-plperl is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-static is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693011 of type rpminfo_object
Name
postgresql-static

postgresql-test is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-upgrade is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade-devel is earlier than 0:13.10-1.el9_1  oval:com.redhat.rhsa:tst:20231693027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel

postgresql-upgrade-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231693028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231693014 of type rpminfo_object
Name
postgresql-upgrade-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231691
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.23.1.rt21.186.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231691025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-162.23.1.rt21.186.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231691026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231691015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-162.23.1.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231691023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231681
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-162.6.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230348006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.6.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231681007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is earlier than 0:1-4.el9_1  oval:com.redhat.rhsa:tst:20231681004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230348005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kernel version 0:5.14.0-162.12.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231008012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.12.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231681013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20231008008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20231008009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kpatch-patch-5_14_0-162_12_1 is earlier than 0:1-3.el9_1  oval:com.redhat.rhsa:tst:20231681010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kpatch-patch-5_14_0-162_12_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231008011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kernel version 0:5.14.0-162.18.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231471018  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.18.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231681019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20231471014  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20231471015  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471007 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_18_1

kpatch-patch-5_14_0-162_18_1 is earlier than 0:1-2.el9_1  oval:com.redhat.rhsa:tst:20231681016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471007 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_18_1

kpatch-patch-5_14_0-162_18_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231471017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471007 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_18_1

kernel version 0:5.14.0-162.22.2.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231681024  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.22.2.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231681025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231681020  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231681021  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681008 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_22_2

kpatch-patch-5_14_0-162_22_2 is earlier than 0:1-1.el9_1  oval:com.redhat.rhsa:tst:20231681022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681008 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_22_2

kpatch-patch-5_14_0-162_22_2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231681023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231681008 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_22_2
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231670
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

httpd is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd-core is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-devel is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-filesystem is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-manual is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-manual is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-tools is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

httpd-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

mod_ldap is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_lua is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_proxy_html is earlier than 1:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_proxy_html is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_session is earlier than 0:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_session is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_ssl is earlier than 1:2.4.53-7.el9_1.5  oval:com.redhat.rhsa:tst:20231670021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl

mod_ssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl

mod_http2 is earlier than 0:1.15.19-3.el9_1.5  oval:com.redhat.rhsa:tst:20231670023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231670012 of type rpminfo_object
Name
mod_http2

mod_http2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231670024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231670012 of type rpminfo_object
Name
mod_http2
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231592
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tigervnc is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc-icons is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-icons is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-license is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-selinux is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-server is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server-minimal is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-module is earlier than 0:1.12.0-5.el9_1.2  oval:com.redhat.rhsa:tst:20231592013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module

tigervnc-server-module is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231591
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.3-4.el9_1.3  oval:com.redhat.rhsa:tst:20231591001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.3-4.el9_1.3  oval:com.redhat.rhsa:tst:20231591003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231471
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-162.6.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230348006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.6.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231471007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is earlier than 0:1-3.el9_1  oval:com.redhat.rhsa:tst:20231471004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230348005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kernel version 0:5.14.0-162.12.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231008012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.12.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231471013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20231008008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20231008009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kpatch-patch-5_14_0-162_12_1 is earlier than 0:1-2.el9_1  oval:com.redhat.rhsa:tst:20231471010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kpatch-patch-5_14_0-162_12_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231008011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kernel version 0:5.14.0-162.18.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231471018  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.18.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231471019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20231471014  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20231471015  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471007 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_18_1

kpatch-patch-5_14_0-162_18_1 is earlier than 0:1-1.el9_1  oval:com.redhat.rhsa:tst:20231471016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471007 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_18_1

kpatch-patch-5_14_0-162_18_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231471017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231471007 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_18_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231470
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.22.2.rt21.186.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231469025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-162.22.2.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231470056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231470030 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-modules is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-162.22.2.el9_1  oval:com.redhat.rhsa:tst:20231470053  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231469
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.22.2.rt21.186.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231469025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-162.22.2.rt21.186.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231469026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231469015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-162.22.2.rt21.186.el9_1  oval:com.redhat.rhsa:tst:20231469023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231407
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.9.0-1.el9_1  oval:com.redhat.rhsa:tst:20231407001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231368
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nspr is earlier than 0:4.34.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nspraarch64(none)4.el9_34.35.00:4.35.0-4.el9_3199e2f91fd431d51nspr-0:4.35.0-4.el9_3.aarch64

nspr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nspraarch64(none)4.el9_34.35.00:4.35.0-4.el9_3199e2f91fd431d51nspr-0:4.35.0-4.el9_3.aarch64

nspr-devel is earlier than 0:4.34.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368002 of type rpminfo_object
Name
nspr-devel

nspr-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368002 of type rpminfo_object
Name
nspr-devel

nss is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nssaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-0:3.90.0-4.el9_3.aarch64

nss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nssaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-0:3.90.0-4.el9_3.aarch64

nss-devel is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368004 of type rpminfo_object
Name
nss-devel

nss-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368004 of type rpminfo_object
Name
nss-devel

nss-softokn is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softoknaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-0:3.90.0-4.el9_3.aarch64

nss-softokn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softoknaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-0:3.90.0-4.el9_3.aarch64

nss-softokn-devel is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368006 of type rpminfo_object
Name
nss-softokn-devel

nss-softokn-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368006 of type rpminfo_object
Name
nss-softokn-devel

nss-softokn-freebl is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softokn-freeblaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-freebl-0:3.90.0-4.el9_3.aarch64

nss-softokn-freebl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-softokn-freeblaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-softokn-freebl-0:3.90.0-4.el9_3.aarch64

nss-softokn-freebl-devel is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368008 of type rpminfo_object
Name
nss-softokn-freebl-devel

nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368008 of type rpminfo_object
Name
nss-softokn-freebl-devel

nss-sysinit is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-sysinitaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-sysinit-0:3.90.0-4.el9_3.aarch64

nss-sysinit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-sysinitaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-sysinit-0:3.90.0-4.el9_3.aarch64

nss-tools is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368010 of type rpminfo_object
Name
nss-tools

nss-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368010 of type rpminfo_object
Name
nss-tools

nss-util is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-utilaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-util-0:3.90.0-4.el9_3.aarch64

nss-util is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
nss-utilaarch64(none)4.el9_33.90.00:3.90.0-4.el9_3199e2f91fd431d51nss-util-0:3.90.0-4.el9_3.aarch64

nss-util-devel is earlier than 0:3.79.0-17.el9_1  oval:com.redhat.rhsa:tst:20231368023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368012 of type rpminfo_object
Name
nss-util-devel

nss-util-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231368024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231368012 of type rpminfo_object
Name
nss-util-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231337
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.9.0-3.el9_1  oval:com.redhat.rhsa:tst:20231337001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.9.0-3.el9_1  oval:com.redhat.rhsa:tst:20231337003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231141
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gnutls is earlier than 0:3.7.6-18.el9_1  oval:com.redhat.rhsa:tst:20231141001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnutlsaarch64(none)23.el93.7.60:3.7.6-23.el9199e2f91fd431d51gnutls-0:3.7.6-23.el9.aarch64

gnutls is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnutlsaarch64(none)23.el93.7.60:3.7.6-23.el9199e2f91fd431d51gnutls-0:3.7.6-23.el9.aarch64

gnutls-c++ is earlier than 0:3.7.6-18.el9_1  oval:com.redhat.rhsa:tst:20231141003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854002 of type rpminfo_object
Name
gnutls-c++

gnutls-c++ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854002 of type rpminfo_object
Name
gnutls-c++

gnutls-dane is earlier than 0:3.7.6-18.el9_1  oval:com.redhat.rhsa:tst:20231141005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854003 of type rpminfo_object
Name
gnutls-dane

gnutls-dane is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854003 of type rpminfo_object
Name
gnutls-dane

gnutls-devel is earlier than 0:3.7.6-18.el9_1  oval:com.redhat.rhsa:tst:20231141007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854004 of type rpminfo_object
Name
gnutls-devel

gnutls-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854004 of type rpminfo_object
Name
gnutls-devel

gnutls-utils is earlier than 0:3.7.6-18.el9_1  oval:com.redhat.rhsa:tst:20231141009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854005 of type rpminfo_object
Name
gnutls-utils

gnutls-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854005 of type rpminfo_object
Name
gnutls-utils
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231068
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libjpeg-turbo is earlier than 0:2.0.90-6.el9_1  oval:com.redhat.rhsa:tst:20231068001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libjpeg-turboaarch64(none)6.el9_12.0.900:2.0.90-6.el9_1199e2f91fd431d51libjpeg-turbo-0:2.0.90-6.el9_1.aarch64

libjpeg-turbo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231068002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libjpeg-turboaarch64(none)6.el9_12.0.900:2.0.90-6.el9_1199e2f91fd431d51libjpeg-turbo-0:2.0.90-6.el9_1.aarch64

libjpeg-turbo-devel is earlier than 0:2.0.90-6.el9_1  oval:com.redhat.rhsa:tst:20231068003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068002 of type rpminfo_object
Name
libjpeg-turbo-devel

libjpeg-turbo-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231068004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068002 of type rpminfo_object
Name
libjpeg-turbo-devel

libjpeg-turbo-utils is earlier than 0:2.0.90-6.el9_1  oval:com.redhat.rhsa:tst:20231068005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068003 of type rpminfo_object
Name
libjpeg-turbo-utils

libjpeg-turbo-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231068006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068003 of type rpminfo_object
Name
libjpeg-turbo-utils

turbojpeg is earlier than 0:2.0.90-6.el9_1  oval:com.redhat.rhsa:tst:20231068007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068004 of type rpminfo_object
Name
turbojpeg

turbojpeg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231068008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068004 of type rpminfo_object
Name
turbojpeg

turbojpeg-devel is earlier than 0:2.0.90-6.el9_1  oval:com.redhat.rhsa:tst:20231068009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068005 of type rpminfo_object
Name
turbojpeg-devel

turbojpeg-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231068010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231068005 of type rpminfo_object
Name
turbojpeg-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231067
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pesign is earlier than 0:115-6.el9_1  oval:com.redhat.rhsa:tst:20231067001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231067001 of type rpminfo_object
Name
pesign

pesign is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231067002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231067001 of type rpminfo_object
Name
pesign
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20231008
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-162.6.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230348006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.6.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231008007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is earlier than 0:1-2.el9_1  oval:com.redhat.rhsa:tst:20231008004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230348005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kernel version 0:5.14.0-162.12.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20231008012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.12.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20231008013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20231008008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20231008009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kpatch-patch-5_14_0-162_12_1 is earlier than 0:1-1.el9_1  oval:com.redhat.rhsa:tst:20231008010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1

kpatch-patch-5_14_0-162_12_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20231008011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20231008006 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_12_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230979
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-162.18.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230951055  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-162.18.1.rt21.181.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20230979026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230979015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-162.18.1.rt21.181.el9_1  oval:com.redhat.rhsa:tst:20230979023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230974
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.3-4.el9_1.2  oval:com.redhat.rhsa:tst:20230974001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.3-4.el9_1.2  oval:com.redhat.rhsa:tst:20230974003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230970
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

httpd is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd-core is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-devel is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-filesystem is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-manual is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-manual is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-tools is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

httpd-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

mod_ldap is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_lua is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_proxy_html is earlier than 1:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_proxy_html is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_session is earlier than 0:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_session is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_ssl is earlier than 1:2.4.53-7.el9_1.1  oval:com.redhat.rhsa:tst:20230970021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl

mod_ssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230965
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

php is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php-bcmath is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-bcmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-cli is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-common is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-dba is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dbg is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-dbg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-devel is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-embedded is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-enchant is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-enchant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-ffi is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-ffi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-fpm is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-fpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-gd is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gmp is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-intl is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-intl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-ldap is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-mbstring is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mbstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mysqlnd is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-mysqlnd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-odbc is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-opcache is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-opcache is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-pdo is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pdo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pgsql is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-process is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-process is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-snmp is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-soap is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-xml is earlier than 0:8.0.27-1.el9_1  oval:com.redhat.rhsa:tst:20230965049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml

php-xml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230959
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tar is earlier than 2:1.34-6.el9_1  oval:com.redhat.rhsa:tst:20230959001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
taraarch6426.el9_11.342:1.34-6.el9_1199e2f91fd431d51tar-2:1.34-6.el9_1.aarch64

tar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230959002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
taraarch6426.el9_11.342:1.34-6.el9_1199e2f91fd431d51tar-2:1.34-6.el9_1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230958
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

vim-X11 is earlier than 2:8.2.2637-20.el9_1  oval:com.redhat.rhsa:tst:20230958001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225242001 of type rpminfo_object
Name
vim-X11

vim-X11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225242001 of type rpminfo_object
Name
vim-X11

vim-common is earlier than 2:8.2.2637-20.el9_1  oval:com.redhat.rhsa:tst:20230958003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-commonaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-common-2:8.2.2637-20.el9_1.aarch64

vim-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-commonaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-common-2:8.2.2637-20.el9_1.aarch64

vim-enhanced is earlier than 2:8.2.2637-20.el9_1  oval:com.redhat.rhsa:tst:20230958005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-enhancedaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-enhanced-2:8.2.2637-20.el9_1.aarch64

vim-enhanced is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-enhancedaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-enhanced-2:8.2.2637-20.el9_1.aarch64

vim-filesystem is earlier than 2:8.2.2637-20.el9_1  oval:com.redhat.rhsa:tst:20230958007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-filesystemnoarch220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-filesystem-2:8.2.2637-20.el9_1.noarch

vim-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-filesystemnoarch220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-filesystem-2:8.2.2637-20.el9_1.noarch

vim-minimal is earlier than 2:8.2.2637-20.el9_1  oval:com.redhat.rhsa:tst:20230958009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-minimalaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-minimal-2:8.2.2637-20.el9_1.aarch64

vim-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-minimalaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-minimal-2:8.2.2637-20.el9_1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230957
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

lua is earlier than 0:5.4.4-2.el9_1  oval:com.redhat.rhsa:tst:20230957001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329001 of type rpminfo_object
Name
lua

lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329001 of type rpminfo_object
Name
lua

lua-devel is earlier than 0:5.4.4-2.el9_1  oval:com.redhat.rhsa:tst:20230957003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329002 of type rpminfo_object
Name
lua-devel

lua-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329002 of type rpminfo_object
Name
lua-devel

lua-libs is earlier than 0:5.4.4-2.el9_1  oval:com.redhat.rhsa:tst:20230957005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lua-libsaarch64(none)4.el95.4.40:5.4.4-4.el9199e2f91fd431d51lua-libs-0:5.4.4-4.el9.aarch64

lua-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lua-libsaarch64(none)4.el95.4.40:5.4.4-4.el9199e2f91fd431d51lua-libs-0:5.4.4-4.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230954
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

systemd is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemdaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-0:252-18.el9.aarch64

systemd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemdaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-0:252-18.el9.aarch64

systemd-container is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336002 of type rpminfo_object
Name
systemd-container

systemd-container is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336002 of type rpminfo_object
Name
systemd-container

systemd-devel is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336003 of type rpminfo_object
Name
systemd-devel

systemd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336003 of type rpminfo_object
Name
systemd-devel

systemd-journal-remote is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336004 of type rpminfo_object
Name
systemd-journal-remote

systemd-journal-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336004 of type rpminfo_object
Name
systemd-journal-remote

systemd-libs is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-libsaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-libs-0:252-18.el9.aarch64

systemd-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-libsaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-libs-0:252-18.el9.aarch64

systemd-oomd is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336006 of type rpminfo_object
Name
systemd-oomd

systemd-oomd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336006 of type rpminfo_object
Name
systemd-oomd

systemd-pam is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-pamaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-pam-0:252-18.el9.aarch64

systemd-pam is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-pamaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-pam-0:252-18.el9.aarch64

systemd-resolved is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336008 of type rpminfo_object
Name
systemd-resolved

systemd-resolved is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336008 of type rpminfo_object
Name
systemd-resolved

systemd-rpm-macros is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-rpm-macrosnoarch(none)18.el92520:252-18.el9199e2f91fd431d51systemd-rpm-macros-0:252-18.el9.noarch

systemd-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-rpm-macrosnoarch(none)18.el92520:252-18.el9199e2f91fd431d51systemd-rpm-macros-0:252-18.el9.noarch

systemd-udev is earlier than 0:250-12.el9_1.3  oval:com.redhat.rhsa:tst:20230954019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-udevaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-udev-0:252-18.el9.aarch64

systemd-udev is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-udevaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-udev-0:252-18.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230953
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.14-1.el9_1.2  oval:com.redhat.rhsa:tst:20230953015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230952
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-setuptools is earlier than 0:53.0.0-10.el9_1.1  oval:com.redhat.rhsa:tst:20230952001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-setuptoolsnoarch(none)12.el953.0.00:53.0.0-12.el9199e2f91fd431d51python3-setuptools-0:53.0.0-12.el9.noarch

python3-setuptools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230952002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-setuptoolsnoarch(none)12.el953.0.00:53.0.0-12.el9199e2f91fd431d51python3-setuptools-0:53.0.0-12.el9.noarch

python3-setuptools-wheel is earlier than 0:53.0.0-10.el9_1.1  oval:com.redhat.rhsa:tst:20230952003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-setuptools-wheelnoarch(none)12.el953.0.00:53.0.0-12.el9199e2f91fd431d51python3-setuptools-wheel-0:53.0.0-12.el9.noarch

python3-setuptools-wheel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230952004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-setuptools-wheelnoarch(none)12.el953.0.00:53.0.0-12.el9199e2f91fd431d51python3-setuptools-wheel-0:53.0.0-12.el9.noarch
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230951
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-162.18.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230951055  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-162.18.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20230951056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230951030 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-modules is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-162.18.1.el9_1  oval:com.redhat.rhsa:tst:20230951053  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230946
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssl is earlier than 1:3.0.1-47.el9_1  oval:com.redhat.rhsa:tst:20230946001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl-devel is earlier than 1:3.0.1-47.el9_1  oval:com.redhat.rhsa:tst:20230946003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-libs is earlier than 1:3.0.1-47.el9_1  oval:com.redhat.rhsa:tst:20230946005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-perl is earlier than 1:3.0.1-47.el9_1  oval:com.redhat.rhsa:tst:20230946007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl

openssl-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230903
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.36.7-1.el9_1.2  oval:com.redhat.rhsa:tst:20230903001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.36.7-1.el9_1.2  oval:com.redhat.rhsa:tst:20230903003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.36.7-1.el9_1.2  oval:com.redhat.rhsa:tst:20230903005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.36.7-1.el9_1.2  oval:com.redhat.rhsa:tst:20230903007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230824
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.8.0-2.el9_1  oval:com.redhat.rhsa:tst:20230824001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230810
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.8.0-2.el9_1  oval:com.redhat.rhsa:tst:20230810001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox-x11 is earlier than 0:102.8.0-2.el9_1  oval:com.redhat.rhsa:tst:20230810003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11

firefox-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230810004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230810002 of type rpminfo_object
Name
firefox-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230752
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grub2-common is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-commonnoarch170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-common-1:2.06-70.el9_3.1.noarch

grub2-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-commonnoarch170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-common-1:2.06-70.el9_3.1.noarch

grub2-efi-aa64 is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-efi-aa64aarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-efi-aa64-1:2.06-70.el9_3.1.aarch64

grub2-efi-aa64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-efi-aa64aarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-efi-aa64-1:2.06-70.el9_3.1.aarch64

grub2-efi-aa64-cdboot is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099003 of type rpminfo_object
Name
grub2-efi-aa64-cdboot

grub2-efi-aa64-cdboot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099003 of type rpminfo_object
Name
grub2-efi-aa64-cdboot

grub2-efi-aa64-modules is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099004 of type rpminfo_object
Name
grub2-efi-aa64-modules

grub2-efi-aa64-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099004 of type rpminfo_object
Name
grub2-efi-aa64-modules

grub2-efi-x64 is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099005 of type rpminfo_object
Name
grub2-efi-x64

grub2-efi-x64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099005 of type rpminfo_object
Name
grub2-efi-x64

grub2-efi-x64-cdboot is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099006 of type rpminfo_object
Name
grub2-efi-x64-cdboot

grub2-efi-x64-cdboot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099006 of type rpminfo_object
Name
grub2-efi-x64-cdboot

grub2-efi-x64-modules is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099007 of type rpminfo_object
Name
grub2-efi-x64-modules

grub2-efi-x64-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099007 of type rpminfo_object
Name
grub2-efi-x64-modules

grub2-pc is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099008 of type rpminfo_object
Name
grub2-pc

grub2-pc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099008 of type rpminfo_object
Name
grub2-pc

grub2-pc-modules is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099009 of type rpminfo_object
Name
grub2-pc-modules

grub2-pc-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099009 of type rpminfo_object
Name
grub2-pc-modules

grub2-ppc64le is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099010 of type rpminfo_object
Name
grub2-ppc64le

grub2-ppc64le is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099010 of type rpminfo_object
Name
grub2-ppc64le

grub2-ppc64le-modules is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099011 of type rpminfo_object
Name
grub2-ppc64le-modules

grub2-ppc64le-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099011 of type rpminfo_object
Name
grub2-ppc64le-modules

grub2-tools is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752023  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-toolsaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-1:2.06-70.el9_3.1.aarch64

grub2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099024  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-toolsaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-1:2.06-70.el9_3.1.aarch64

grub2-tools-efi is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099013 of type rpminfo_object
Name
grub2-tools-efi

grub2-tools-efi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099013 of type rpminfo_object
Name
grub2-tools-efi

grub2-tools-extra is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099014 of type rpminfo_object
Name
grub2-tools-extra

grub2-tools-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099014 of type rpminfo_object
Name
grub2-tools-extra

grub2-tools-minimal is earlier than 1:2.06-46.el9_1.3  oval:com.redhat.rhsa:tst:20230752029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-tools-minimalaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-minimal-1:2.06-70.el9_3.1.aarch64

grub2-tools-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099030  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-tools-minimalaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-minimal-1:2.06-70.el9_3.1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230626
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libksba is earlier than 0:1.5.1-6.el9_1  oval:com.redhat.rhsa:tst:20230626001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libksbaaarch64(none)6.el9_11.5.10:1.5.1-6.el9_1199e2f91fd431d51libksba-0:1.5.1-6.el9_1.aarch64

libksba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227090002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libksbaaarch64(none)6.el9_11.5.10:1.5.1-6.el9_1199e2f91fd431d51libksba-0:1.5.1-6.el9_1.aarch64

libksba-devel is earlier than 0:1.5.1-6.el9_1  oval:com.redhat.rhsa:tst:20230626003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227090002 of type rpminfo_object
Name
libksba-devel

libksba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227090004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227090002 of type rpminfo_object
Name
libksba-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230622
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

tigervnc is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622001 of type rpminfo_object
Name
tigervnc

tigervnc-icons is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-icons is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622002 of type rpminfo_object
Name
tigervnc-icons

tigervnc-license is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622003 of type rpminfo_object
Name
tigervnc-license

tigervnc-selinux is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622004 of type rpminfo_object
Name
tigervnc-selinux

tigervnc-server is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622005 of type rpminfo_object
Name
tigervnc-server

tigervnc-server-minimal is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622006 of type rpminfo_object
Name
tigervnc-server-minimal

tigervnc-server-module is earlier than 0:1.12.0-5.el9_1.1  oval:com.redhat.rhsa:tst:20230622013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module

tigervnc-server-module is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230622014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230622007 of type rpminfo_object
Name
tigervnc-server-module
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230611
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

git is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gitaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-0:2.39.3-1.el9_2.aarch64

git is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gitaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-0:2.39.3-1.el9_2.aarch64

git-all is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611002 of type rpminfo_object
Name
git-all

git-all is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611002 of type rpminfo_object
Name
git-all

git-core is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-coreaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-0:2.39.3-1.el9_2.aarch64

git-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-coreaarch64(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-0:2.39.3-1.el9_2.aarch64

git-core-doc is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-core-docnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-doc-0:2.39.3-1.el9_2.noarch

git-core-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
git-core-docnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51git-core-doc-0:2.39.3-1.el9_2.noarch

git-credential-libsecret is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611005 of type rpminfo_object
Name
git-credential-libsecret

git-credential-libsecret is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611005 of type rpminfo_object
Name
git-credential-libsecret

git-daemon is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611006 of type rpminfo_object
Name
git-daemon

git-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611006 of type rpminfo_object
Name
git-daemon

git-email is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611007 of type rpminfo_object
Name
git-email

git-email is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611007 of type rpminfo_object
Name
git-email

git-gui is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611008 of type rpminfo_object
Name
git-gui

git-gui is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611008 of type rpminfo_object
Name
git-gui

git-instaweb is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611009 of type rpminfo_object
Name
git-instaweb

git-instaweb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611009 of type rpminfo_object
Name
git-instaweb

git-subtree is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611010 of type rpminfo_object
Name
git-subtree

git-subtree is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611010 of type rpminfo_object
Name
git-subtree

git-svn is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611011 of type rpminfo_object
Name
git-svn

git-svn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611011 of type rpminfo_object
Name
git-svn

gitk is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611012 of type rpminfo_object
Name
gitk

gitk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611012 of type rpminfo_object
Name
gitk

gitweb is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611013 of type rpminfo_object
Name
gitweb

gitweb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611013 of type rpminfo_object
Name
gitweb

perl-Git is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611027  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-Gitnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51perl-Git-0:2.39.3-1.el9_2.noarch

perl-Git is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611028  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
perl-Gitnoarch(none)1.el9_22.39.30:2.39.3-1.el9_2199e2f91fd431d51perl-Git-0:2.39.3-1.el9_2.noarch

perl-Git-SVN is earlier than 0:2.31.1-3.el9_1  oval:com.redhat.rhsa:tst:20230611029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611015 of type rpminfo_object
Name
perl-Git-SVN

perl-Git-SVN is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230611030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230611015 of type rpminfo_object
Name
perl-Git-SVN
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230608
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.7.1-2.el9_1  oval:com.redhat.rhsa:tst:20230608001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230476
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.7.1-1.el9_1  oval:com.redhat.rhsa:tst:20230476001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230383
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libXpm is earlier than 0:3.5.13-8.el9_1  oval:com.redhat.rhsa:tst:20230383001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libXpmaarch64(none)8.el9_13.5.130:3.5.13-8.el9_1199e2f91fd431d51libXpm-0:3.5.13-8.el9_1.aarch64

libXpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230383002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libXpmaarch64(none)8.el9_13.5.130:3.5.13-8.el9_1199e2f91fd431d51libXpm-0:3.5.13-8.el9_1.aarch64

libXpm-devel is earlier than 0:3.5.13-8.el9_1  oval:com.redhat.rhsa:tst:20230383003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230383002 of type rpminfo_object
Name
libXpm-devel

libXpm-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230383004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230383002 of type rpminfo_object
Name
libXpm-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230348
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-162.6.1.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230348006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-162.6.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20230348007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20230348003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is earlier than 0:1-1.el9_1  oval:com.redhat.rhsa:tst:20230348004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1

kpatch-patch-5_14_0-162_6_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230348005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230348002 of type rpminfo_object
Name
kpatch-patch-5_14_0-162_6_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230343
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtasn1 is earlier than 0:4.16.0-8.el9_1  oval:com.redhat.rhsa:tst:20230343001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtasn1aarch64(none)8.el9_14.16.00:4.16.0-8.el9_1199e2f91fd431d51libtasn1-0:4.16.0-8.el9_1.aarch64

libtasn1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230343002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtasn1aarch64(none)8.el9_14.16.00:4.16.0-8.el9_1199e2f91fd431d51libtasn1-0:4.16.0-8.el9_1.aarch64

libtasn1-devel is earlier than 0:4.16.0-8.el9_1  oval:com.redhat.rhsa:tst:20230343003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230343002 of type rpminfo_object
Name
libtasn1-devel

libtasn1-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230343004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230343002 of type rpminfo_object
Name
libtasn1-devel

libtasn1-tools is earlier than 0:4.16.0-8.el9_1  oval:com.redhat.rhsa:tst:20230343005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230343003 of type rpminfo_object
Name
libtasn1-tools

libtasn1-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230343006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230343003 of type rpminfo_object
Name
libtasn1-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230340
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bash is earlier than 0:5.1.8-6.el9_1  oval:com.redhat.rhsa:tst:20230340001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bashaarch64(none)6.el9_15.1.80:5.1.8-6.el9_1199e2f91fd431d51bash-0:5.1.8-6.el9_1.aarch64

bash is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230340002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bashaarch64(none)6.el9_15.1.80:5.1.8-6.el9_1199e2f91fd431d51bash-0:5.1.8-6.el9_1.aarch64

bash-devel is earlier than 0:5.1.8-6.el9_1  oval:com.redhat.rhsa:tst:20230340003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230340002 of type rpminfo_object
Name
bash-devel

bash-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230340004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230340002 of type rpminfo_object
Name
bash-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230339
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

sqlite is earlier than 0:3.34.1-6.el9_1  oval:com.redhat.rhsa:tst:20230339001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339001 of type rpminfo_object
Name
sqlite

sqlite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230339002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339001 of type rpminfo_object
Name
sqlite

sqlite-devel is earlier than 0:3.34.1-6.el9_1  oval:com.redhat.rhsa:tst:20230339003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339002 of type rpminfo_object
Name
sqlite-devel

sqlite-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230339004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230339002 of type rpminfo_object
Name
sqlite-devel

sqlite-libs is earlier than 0:3.34.1-6.el9_1  oval:com.redhat.rhsa:tst:20230339005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sqlite-libsaarch64(none)6.el9_13.34.10:3.34.1-6.el9_1199e2f91fd431d51sqlite-libs-0:3.34.1-6.el9_1.aarch64

sqlite-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230339006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sqlite-libsaarch64(none)6.el9_13.34.10:3.34.1-6.el9_1199e2f91fd431d51sqlite-libs-0:3.34.1-6.el9_1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230338
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libxml2 is earlier than 0:2.9.13-3.el9_1  oval:com.redhat.rhsa:tst:20230338001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2-devel is earlier than 0:2.9.13-3.el9_1  oval:com.redhat.rhsa:tst:20230338003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

libxml2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

python3-libxml2 is earlier than 0:2.9.13-3.el9_1  oval:com.redhat.rhsa:tst:20230338005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64

python3-libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230337
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

expat is earlier than 0:2.4.9-1.el9_1.1  oval:com.redhat.rhsa:tst:20230337001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
expataarch64(none)1.el92.5.00:2.5.0-1.el9199e2f91fd431d51expat-0:2.5.0-1.el9.aarch64

expat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225244002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
expataarch64(none)1.el92.5.00:2.5.0-1.el9199e2f91fd431d51expat-0:2.5.0-1.el9.aarch64

expat-devel is earlier than 0:2.4.9-1.el9_1.1  oval:com.redhat.rhsa:tst:20230337003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225244002 of type rpminfo_object
Name
expat-devel

expat-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225244004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225244002 of type rpminfo_object
Name
expat-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230336
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

systemd is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemdaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-0:252-18.el9.aarch64

systemd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemdaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-0:252-18.el9.aarch64

systemd-container is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336002 of type rpminfo_object
Name
systemd-container

systemd-container is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336002 of type rpminfo_object
Name
systemd-container

systemd-devel is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336003 of type rpminfo_object
Name
systemd-devel

systemd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336003 of type rpminfo_object
Name
systemd-devel

systemd-journal-remote is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336004 of type rpminfo_object
Name
systemd-journal-remote

systemd-journal-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336004 of type rpminfo_object
Name
systemd-journal-remote

systemd-libs is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-libsaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-libs-0:252-18.el9.aarch64

systemd-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-libsaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-libs-0:252-18.el9.aarch64

systemd-oomd is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336006 of type rpminfo_object
Name
systemd-oomd

systemd-oomd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336006 of type rpminfo_object
Name
systemd-oomd

systemd-pam is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-pamaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-pam-0:252-18.el9.aarch64

systemd-pam is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-pamaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-pam-0:252-18.el9.aarch64

systemd-resolved is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336008 of type rpminfo_object
Name
systemd-resolved

systemd-resolved is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230336008 of type rpminfo_object
Name
systemd-resolved

systemd-rpm-macros is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-rpm-macrosnoarch(none)18.el92520:252-18.el9199e2f91fd431d51systemd-rpm-macros-0:252-18.el9.noarch

systemd-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-rpm-macrosnoarch(none)18.el92520:252-18.el9199e2f91fd431d51systemd-rpm-macros-0:252-18.el9.noarch

systemd-udev is earlier than 0:250-12.el9_1.1  oval:com.redhat.rhsa:tst:20230336019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-udevaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-udev-0:252-18.el9.aarch64

systemd-udev is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230336020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
systemd-udevaarch64(none)18.el92520:252-18.el9199e2f91fd431d51systemd-udev-0:252-18.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230335
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dbus is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbusaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-1:1.12.20-8.el9.aarch64

dbus is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbusaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-1:1.12.20-8.el9.aarch64

dbus-common is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-commonnoarch18.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-common-1:1.12.20-8.el9.noarch

dbus-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-commonnoarch18.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-common-1:1.12.20-8.el9.noarch

dbus-daemon is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-daemonaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-daemon-1:1.12.20-8.el9.aarch64

dbus-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-daemonaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-daemon-1:1.12.20-8.el9.aarch64

dbus-devel is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335004 of type rpminfo_object
Name
dbus-devel

dbus-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335004 of type rpminfo_object
Name
dbus-devel

dbus-libs is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-libsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-libs-1:1.12.20-8.el9.aarch64

dbus-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-libsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-libs-1:1.12.20-8.el9.aarch64

dbus-tools is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-toolsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-tools-1:1.12.20-8.el9.aarch64

dbus-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-toolsaarch6418.el91.12.201:1.12.20-8.el9199e2f91fd431d51dbus-tools-1:1.12.20-8.el9.aarch64

dbus-x11 is earlier than 1:1.12.20-7.el9_1  oval:com.redhat.rhsa:tst:20230335013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335007 of type rpminfo_object
Name
dbus-x11

dbus-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230335014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230335007 of type rpminfo_object
Name
dbus-x11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230334
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.12.1.rt21.175.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230300025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-162.12.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20230334056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230334030 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-modules is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-162.12.1.el9_1  oval:com.redhat.rhsa:tst:20230334053  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230333
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-19.el9_1.1  oval:com.redhat.rhsa:tst:20230333001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-19.el9_1.1  oval:com.redhat.rhsa:tst:20230333003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-19.el9_1.1  oval:com.redhat.rhsa:tst:20230333005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-19.el9_1.1  oval:com.redhat.rhsa:tst:20230333007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-19.el9_1.1  oval:com.redhat.rhsa:tst:20230333009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230328
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang-bin is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-bin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-docs is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-misc is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-misc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-race is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-race is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-src is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-tests is earlier than 0:1.18.9-1.el9_1  oval:com.redhat.rhsa:tst:20230328013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

golang-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230321
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs-nodemon is earlier than 0:2.0.20-2.el9_1  oval:com.redhat.rhsa:tst:20230321001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs is earlier than 1:16.18.1-3.el9_1  oval:com.redhat.rhsa:tst:20230321003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.18.1-3.el9_1  oval:com.redhat.rhsa:tst:20230321005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.18.1-3.el9_1  oval:com.redhat.rhsa:tst:20230321007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.18.1-3.el9_1  oval:com.redhat.rhsa:tst:20230321009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.19.2-1.16.18.1.3.el9_1  oval:com.redhat.rhsa:tst:20230321011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230318
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql-jdbc is earlier than 0:42.2.18-6.el9_1  oval:com.redhat.rhsa:tst:20230318001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230318001 of type rpminfo_object
Name
postgresql-jdbc

postgresql-jdbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230318002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230318001 of type rpminfo_object
Name
postgresql-jdbc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230304
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

autocorr-af is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304001 of type rpminfo_object
Name
autocorr-af

autocorr-af is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304001 of type rpminfo_object
Name
autocorr-af

autocorr-bg is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304002 of type rpminfo_object
Name
autocorr-bg

autocorr-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304002 of type rpminfo_object
Name
autocorr-bg

autocorr-ca is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304003 of type rpminfo_object
Name
autocorr-ca

autocorr-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304003 of type rpminfo_object
Name
autocorr-ca

autocorr-cs is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304004 of type rpminfo_object
Name
autocorr-cs

autocorr-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304004 of type rpminfo_object
Name
autocorr-cs

autocorr-da is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304005 of type rpminfo_object
Name
autocorr-da

autocorr-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304005 of type rpminfo_object
Name
autocorr-da

autocorr-de is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304006 of type rpminfo_object
Name
autocorr-de

autocorr-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304006 of type rpminfo_object
Name
autocorr-de

autocorr-dsb is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304007 of type rpminfo_object
Name
autocorr-dsb

autocorr-dsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304007 of type rpminfo_object
Name
autocorr-dsb

autocorr-el is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304008 of type rpminfo_object
Name
autocorr-el

autocorr-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304008 of type rpminfo_object
Name
autocorr-el

autocorr-en is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304009 of type rpminfo_object
Name
autocorr-en

autocorr-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304009 of type rpminfo_object
Name
autocorr-en

autocorr-es is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304010 of type rpminfo_object
Name
autocorr-es

autocorr-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304010 of type rpminfo_object
Name
autocorr-es

autocorr-fa is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304011 of type rpminfo_object
Name
autocorr-fa

autocorr-fa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304011 of type rpminfo_object
Name
autocorr-fa

autocorr-fi is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304012 of type rpminfo_object
Name
autocorr-fi

autocorr-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304012 of type rpminfo_object
Name
autocorr-fi

autocorr-fr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304013 of type rpminfo_object
Name
autocorr-fr

autocorr-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304013 of type rpminfo_object
Name
autocorr-fr

autocorr-ga is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304014 of type rpminfo_object
Name
autocorr-ga

autocorr-ga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304014 of type rpminfo_object
Name
autocorr-ga

autocorr-hr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304015 of type rpminfo_object
Name
autocorr-hr

autocorr-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304015 of type rpminfo_object
Name
autocorr-hr

autocorr-hsb is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304016 of type rpminfo_object
Name
autocorr-hsb

autocorr-hsb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304016 of type rpminfo_object
Name
autocorr-hsb

autocorr-hu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304017 of type rpminfo_object
Name
autocorr-hu

autocorr-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304017 of type rpminfo_object
Name
autocorr-hu

autocorr-is is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304018 of type rpminfo_object
Name
autocorr-is

autocorr-is is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304018 of type rpminfo_object
Name
autocorr-is

autocorr-it is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304019 of type rpminfo_object
Name
autocorr-it

autocorr-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304019 of type rpminfo_object
Name
autocorr-it

autocorr-ja is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304020 of type rpminfo_object
Name
autocorr-ja

autocorr-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304020 of type rpminfo_object
Name
autocorr-ja

autocorr-ko is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304021 of type rpminfo_object
Name
autocorr-ko

autocorr-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304021 of type rpminfo_object
Name
autocorr-ko

autocorr-lb is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304022 of type rpminfo_object
Name
autocorr-lb

autocorr-lb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304022 of type rpminfo_object
Name
autocorr-lb

autocorr-lt is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304023 of type rpminfo_object
Name
autocorr-lt

autocorr-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304023 of type rpminfo_object
Name
autocorr-lt

autocorr-mn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304024 of type rpminfo_object
Name
autocorr-mn

autocorr-mn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304024 of type rpminfo_object
Name
autocorr-mn

autocorr-nl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304025 of type rpminfo_object
Name
autocorr-nl

autocorr-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304025 of type rpminfo_object
Name
autocorr-nl

autocorr-pl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304026 of type rpminfo_object
Name
autocorr-pl

autocorr-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304026 of type rpminfo_object
Name
autocorr-pl

autocorr-pt is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304027 of type rpminfo_object
Name
autocorr-pt

autocorr-pt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304027 of type rpminfo_object
Name
autocorr-pt

autocorr-ro is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304055  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304028 of type rpminfo_object
Name
autocorr-ro

autocorr-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304028 of type rpminfo_object
Name
autocorr-ro

autocorr-ru is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304057  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304029 of type rpminfo_object
Name
autocorr-ru

autocorr-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304029 of type rpminfo_object
Name
autocorr-ru

autocorr-sk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304059  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304030 of type rpminfo_object
Name
autocorr-sk

autocorr-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304060  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304030 of type rpminfo_object
Name
autocorr-sk

autocorr-sl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304061  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304031 of type rpminfo_object
Name
autocorr-sl

autocorr-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304062  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304031 of type rpminfo_object
Name
autocorr-sl

autocorr-sr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304063  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304032 of type rpminfo_object
Name
autocorr-sr

autocorr-sr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304064  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304032 of type rpminfo_object
Name
autocorr-sr

autocorr-sv is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304065  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304033 of type rpminfo_object
Name
autocorr-sv

autocorr-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304066  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304033 of type rpminfo_object
Name
autocorr-sv

autocorr-tr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304067  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304034 of type rpminfo_object
Name
autocorr-tr

autocorr-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304068  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304034 of type rpminfo_object
Name
autocorr-tr

autocorr-vi is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304069  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304035 of type rpminfo_object
Name
autocorr-vi

autocorr-vi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304070  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304035 of type rpminfo_object
Name
autocorr-vi

autocorr-vro is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304071  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304036 of type rpminfo_object
Name
autocorr-vro

autocorr-vro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304072  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304036 of type rpminfo_object
Name
autocorr-vro

autocorr-zh is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304073  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304037 of type rpminfo_object
Name
autocorr-zh

autocorr-zh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304074  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304037 of type rpminfo_object
Name
autocorr-zh

libreoffice-base is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304075  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304038 of type rpminfo_object
Name
libreoffice-base

libreoffice-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304076  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304038 of type rpminfo_object
Name
libreoffice-base

libreoffice-calc is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304077  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304039 of type rpminfo_object
Name
libreoffice-calc

libreoffice-calc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304078  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304039 of type rpminfo_object
Name
libreoffice-calc

libreoffice-core is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304079  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304040 of type rpminfo_object
Name
libreoffice-core

libreoffice-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304080  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304040 of type rpminfo_object
Name
libreoffice-core

libreoffice-data is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304081  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304041 of type rpminfo_object
Name
libreoffice-data

libreoffice-data is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304082  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304041 of type rpminfo_object
Name
libreoffice-data

libreoffice-draw is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304083  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304042 of type rpminfo_object
Name
libreoffice-draw

libreoffice-draw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304084  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304042 of type rpminfo_object
Name
libreoffice-draw

libreoffice-emailmerge is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304085  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304043 of type rpminfo_object
Name
libreoffice-emailmerge

libreoffice-emailmerge is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304086  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304043 of type rpminfo_object
Name
libreoffice-emailmerge

libreoffice-filters is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304087  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304044 of type rpminfo_object
Name
libreoffice-filters

libreoffice-filters is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304088  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304044 of type rpminfo_object
Name
libreoffice-filters

libreoffice-gdb-debug-support is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304089  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304045 of type rpminfo_object
Name
libreoffice-gdb-debug-support

libreoffice-gdb-debug-support is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304090  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304045 of type rpminfo_object
Name
libreoffice-gdb-debug-support

libreoffice-graphicfilter is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304091  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304046 of type rpminfo_object
Name
libreoffice-graphicfilter

libreoffice-graphicfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304092  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304046 of type rpminfo_object
Name
libreoffice-graphicfilter

libreoffice-gtk3 is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304093  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304047 of type rpminfo_object
Name
libreoffice-gtk3

libreoffice-gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304094  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304047 of type rpminfo_object
Name
libreoffice-gtk3

libreoffice-help-ar is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304095  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304048 of type rpminfo_object
Name
libreoffice-help-ar

libreoffice-help-ar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304096  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304048 of type rpminfo_object
Name
libreoffice-help-ar

libreoffice-help-bg is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304097  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304049 of type rpminfo_object
Name
libreoffice-help-bg

libreoffice-help-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304098  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304049 of type rpminfo_object
Name
libreoffice-help-bg

libreoffice-help-bn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304099  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304050 of type rpminfo_object
Name
libreoffice-help-bn

libreoffice-help-bn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304100  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304050 of type rpminfo_object
Name
libreoffice-help-bn

libreoffice-help-ca is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304101  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304051 of type rpminfo_object
Name
libreoffice-help-ca

libreoffice-help-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304102  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304051 of type rpminfo_object
Name
libreoffice-help-ca

libreoffice-help-cs is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304103  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304052 of type rpminfo_object
Name
libreoffice-help-cs

libreoffice-help-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304104  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304052 of type rpminfo_object
Name
libreoffice-help-cs

libreoffice-help-da is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304105  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304053 of type rpminfo_object
Name
libreoffice-help-da

libreoffice-help-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304106  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304053 of type rpminfo_object
Name
libreoffice-help-da

libreoffice-help-de is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304107  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304054 of type rpminfo_object
Name
libreoffice-help-de

libreoffice-help-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304108  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304054 of type rpminfo_object
Name
libreoffice-help-de

libreoffice-help-dz is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304109  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304055 of type rpminfo_object
Name
libreoffice-help-dz

libreoffice-help-dz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304110  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304055 of type rpminfo_object
Name
libreoffice-help-dz

libreoffice-help-el is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304111  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304056 of type rpminfo_object
Name
libreoffice-help-el

libreoffice-help-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304112  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304056 of type rpminfo_object
Name
libreoffice-help-el

libreoffice-help-en is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304113  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304057 of type rpminfo_object
Name
libreoffice-help-en

libreoffice-help-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304114  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304057 of type rpminfo_object
Name
libreoffice-help-en

libreoffice-help-eo is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304115  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304058 of type rpminfo_object
Name
libreoffice-help-eo

libreoffice-help-eo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304116  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304058 of type rpminfo_object
Name
libreoffice-help-eo

libreoffice-help-es is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304117  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304059 of type rpminfo_object
Name
libreoffice-help-es

libreoffice-help-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304118  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304059 of type rpminfo_object
Name
libreoffice-help-es

libreoffice-help-et is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304119  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304060 of type rpminfo_object
Name
libreoffice-help-et

libreoffice-help-et is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304120  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304060 of type rpminfo_object
Name
libreoffice-help-et

libreoffice-help-eu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304121  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304061 of type rpminfo_object
Name
libreoffice-help-eu

libreoffice-help-eu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304122  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304061 of type rpminfo_object
Name
libreoffice-help-eu

libreoffice-help-fi is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304123  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304062 of type rpminfo_object
Name
libreoffice-help-fi

libreoffice-help-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304124  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304062 of type rpminfo_object
Name
libreoffice-help-fi

libreoffice-help-fr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304125  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304063 of type rpminfo_object
Name
libreoffice-help-fr

libreoffice-help-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304126  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304063 of type rpminfo_object
Name
libreoffice-help-fr

libreoffice-help-gl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304127  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304064 of type rpminfo_object
Name
libreoffice-help-gl

libreoffice-help-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304128  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304064 of type rpminfo_object
Name
libreoffice-help-gl

libreoffice-help-gu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304129  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304065 of type rpminfo_object
Name
libreoffice-help-gu

libreoffice-help-gu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304130  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304065 of type rpminfo_object
Name
libreoffice-help-gu

libreoffice-help-he is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304131  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304066 of type rpminfo_object
Name
libreoffice-help-he

libreoffice-help-he is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304132  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304066 of type rpminfo_object
Name
libreoffice-help-he

libreoffice-help-hi is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304133  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304067 of type rpminfo_object
Name
libreoffice-help-hi

libreoffice-help-hi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304134  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304067 of type rpminfo_object
Name
libreoffice-help-hi

libreoffice-help-hr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304135  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304068 of type rpminfo_object
Name
libreoffice-help-hr

libreoffice-help-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304136  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304068 of type rpminfo_object
Name
libreoffice-help-hr

libreoffice-help-hu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304137  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304069 of type rpminfo_object
Name
libreoffice-help-hu

libreoffice-help-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304138  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304069 of type rpminfo_object
Name
libreoffice-help-hu

libreoffice-help-id is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304139  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304070 of type rpminfo_object
Name
libreoffice-help-id

libreoffice-help-id is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304140  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304070 of type rpminfo_object
Name
libreoffice-help-id

libreoffice-help-it is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304141  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304071 of type rpminfo_object
Name
libreoffice-help-it

libreoffice-help-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304142  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304071 of type rpminfo_object
Name
libreoffice-help-it

libreoffice-help-ja is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304143  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304072 of type rpminfo_object
Name
libreoffice-help-ja

libreoffice-help-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304144  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304072 of type rpminfo_object
Name
libreoffice-help-ja

libreoffice-help-ko is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304145  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304073 of type rpminfo_object
Name
libreoffice-help-ko

libreoffice-help-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304146  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304073 of type rpminfo_object
Name
libreoffice-help-ko

libreoffice-help-lt is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304147  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304074 of type rpminfo_object
Name
libreoffice-help-lt

libreoffice-help-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304148  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304074 of type rpminfo_object
Name
libreoffice-help-lt

libreoffice-help-lv is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304149  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304075 of type rpminfo_object
Name
libreoffice-help-lv

libreoffice-help-lv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304150  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304075 of type rpminfo_object
Name
libreoffice-help-lv

libreoffice-help-nb is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304151  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304076 of type rpminfo_object
Name
libreoffice-help-nb

libreoffice-help-nb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304152  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304076 of type rpminfo_object
Name
libreoffice-help-nb

libreoffice-help-nl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304153  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304077 of type rpminfo_object
Name
libreoffice-help-nl

libreoffice-help-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304154  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304077 of type rpminfo_object
Name
libreoffice-help-nl

libreoffice-help-nn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304155  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304078 of type rpminfo_object
Name
libreoffice-help-nn

libreoffice-help-nn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304156  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304078 of type rpminfo_object
Name
libreoffice-help-nn

libreoffice-help-pl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304157  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304079 of type rpminfo_object
Name
libreoffice-help-pl

libreoffice-help-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304158  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304079 of type rpminfo_object
Name
libreoffice-help-pl

libreoffice-help-pt-BR is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304159  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304080 of type rpminfo_object
Name
libreoffice-help-pt-BR

libreoffice-help-pt-BR is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304160  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304080 of type rpminfo_object
Name
libreoffice-help-pt-BR

libreoffice-help-pt-PT is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304161  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304081 of type rpminfo_object
Name
libreoffice-help-pt-PT

libreoffice-help-pt-PT is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304162  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304081 of type rpminfo_object
Name
libreoffice-help-pt-PT

libreoffice-help-ro is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304163  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304082 of type rpminfo_object
Name
libreoffice-help-ro

libreoffice-help-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304164  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304082 of type rpminfo_object
Name
libreoffice-help-ro

libreoffice-help-ru is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304165  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304083 of type rpminfo_object
Name
libreoffice-help-ru

libreoffice-help-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304166  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304083 of type rpminfo_object
Name
libreoffice-help-ru

libreoffice-help-si is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304167  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304084 of type rpminfo_object
Name
libreoffice-help-si

libreoffice-help-si is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304168  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304084 of type rpminfo_object
Name
libreoffice-help-si

libreoffice-help-sk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304169  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304085 of type rpminfo_object
Name
libreoffice-help-sk

libreoffice-help-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304170  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304085 of type rpminfo_object
Name
libreoffice-help-sk

libreoffice-help-sl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304171  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304086 of type rpminfo_object
Name
libreoffice-help-sl

libreoffice-help-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304172  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304086 of type rpminfo_object
Name
libreoffice-help-sl

libreoffice-help-sv is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304173  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304087 of type rpminfo_object
Name
libreoffice-help-sv

libreoffice-help-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304174  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304087 of type rpminfo_object
Name
libreoffice-help-sv

libreoffice-help-ta is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304175  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304088 of type rpminfo_object
Name
libreoffice-help-ta

libreoffice-help-ta is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304176  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304088 of type rpminfo_object
Name
libreoffice-help-ta

libreoffice-help-tr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304177  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304089 of type rpminfo_object
Name
libreoffice-help-tr

libreoffice-help-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304178  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304089 of type rpminfo_object
Name
libreoffice-help-tr

libreoffice-help-uk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304179  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304090 of type rpminfo_object
Name
libreoffice-help-uk

libreoffice-help-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304180  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304090 of type rpminfo_object
Name
libreoffice-help-uk

libreoffice-help-zh-Hans is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304181  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304091 of type rpminfo_object
Name
libreoffice-help-zh-Hans

libreoffice-help-zh-Hans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304182  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304091 of type rpminfo_object
Name
libreoffice-help-zh-Hans

libreoffice-help-zh-Hant is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304183  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304092 of type rpminfo_object
Name
libreoffice-help-zh-Hant

libreoffice-help-zh-Hant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304184  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304092 of type rpminfo_object
Name
libreoffice-help-zh-Hant

libreoffice-impress is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304185  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304093 of type rpminfo_object
Name
libreoffice-impress

libreoffice-impress is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304186  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304093 of type rpminfo_object
Name
libreoffice-impress

libreoffice-langpack-af is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304187  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304094 of type rpminfo_object
Name
libreoffice-langpack-af

libreoffice-langpack-af is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304188  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304094 of type rpminfo_object
Name
libreoffice-langpack-af

libreoffice-langpack-ar is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304189  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304095 of type rpminfo_object
Name
libreoffice-langpack-ar

libreoffice-langpack-ar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304190  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304095 of type rpminfo_object
Name
libreoffice-langpack-ar

libreoffice-langpack-as is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304191  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304096 of type rpminfo_object
Name
libreoffice-langpack-as

libreoffice-langpack-as is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304192  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304096 of type rpminfo_object
Name
libreoffice-langpack-as

libreoffice-langpack-bg is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304193  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304097 of type rpminfo_object
Name
libreoffice-langpack-bg

libreoffice-langpack-bg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304194  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304097 of type rpminfo_object
Name
libreoffice-langpack-bg

libreoffice-langpack-bn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304195  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304098 of type rpminfo_object
Name
libreoffice-langpack-bn

libreoffice-langpack-bn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304196  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304098 of type rpminfo_object
Name
libreoffice-langpack-bn

libreoffice-langpack-br is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304197  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304099 of type rpminfo_object
Name
libreoffice-langpack-br

libreoffice-langpack-br is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304198  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304099 of type rpminfo_object
Name
libreoffice-langpack-br

libreoffice-langpack-ca is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304199  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304100 of type rpminfo_object
Name
libreoffice-langpack-ca

libreoffice-langpack-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304200  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304100 of type rpminfo_object
Name
libreoffice-langpack-ca

libreoffice-langpack-cs is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304201  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304101 of type rpminfo_object
Name
libreoffice-langpack-cs

libreoffice-langpack-cs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304202  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304101 of type rpminfo_object
Name
libreoffice-langpack-cs

libreoffice-langpack-cy is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304203  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304102 of type rpminfo_object
Name
libreoffice-langpack-cy

libreoffice-langpack-cy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304204  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304102 of type rpminfo_object
Name
libreoffice-langpack-cy

libreoffice-langpack-da is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304205  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304103 of type rpminfo_object
Name
libreoffice-langpack-da

libreoffice-langpack-da is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304206  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304103 of type rpminfo_object
Name
libreoffice-langpack-da

libreoffice-langpack-de is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304207  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304104 of type rpminfo_object
Name
libreoffice-langpack-de

libreoffice-langpack-de is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304208  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304104 of type rpminfo_object
Name
libreoffice-langpack-de

libreoffice-langpack-dz is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304209  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304105 of type rpminfo_object
Name
libreoffice-langpack-dz

libreoffice-langpack-dz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304210  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304105 of type rpminfo_object
Name
libreoffice-langpack-dz

libreoffice-langpack-el is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304211  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304106 of type rpminfo_object
Name
libreoffice-langpack-el

libreoffice-langpack-el is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304212  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304106 of type rpminfo_object
Name
libreoffice-langpack-el

libreoffice-langpack-en is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304213  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304107 of type rpminfo_object
Name
libreoffice-langpack-en

libreoffice-langpack-en is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304214  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304107 of type rpminfo_object
Name
libreoffice-langpack-en

libreoffice-langpack-eo is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304215  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304108 of type rpminfo_object
Name
libreoffice-langpack-eo

libreoffice-langpack-eo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304216  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304108 of type rpminfo_object
Name
libreoffice-langpack-eo

libreoffice-langpack-es is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304217  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304109 of type rpminfo_object
Name
libreoffice-langpack-es

libreoffice-langpack-es is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304218  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304109 of type rpminfo_object
Name
libreoffice-langpack-es

libreoffice-langpack-et is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304219  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304110 of type rpminfo_object
Name
libreoffice-langpack-et

libreoffice-langpack-et is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304220  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304110 of type rpminfo_object
Name
libreoffice-langpack-et

libreoffice-langpack-eu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304221  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304111 of type rpminfo_object
Name
libreoffice-langpack-eu

libreoffice-langpack-eu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304222  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304111 of type rpminfo_object
Name
libreoffice-langpack-eu

libreoffice-langpack-fa is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304223  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304112 of type rpminfo_object
Name
libreoffice-langpack-fa

libreoffice-langpack-fa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304224  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304112 of type rpminfo_object
Name
libreoffice-langpack-fa

libreoffice-langpack-fi is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304225  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304113 of type rpminfo_object
Name
libreoffice-langpack-fi

libreoffice-langpack-fi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304226  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304113 of type rpminfo_object
Name
libreoffice-langpack-fi

libreoffice-langpack-fr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304227  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304114 of type rpminfo_object
Name
libreoffice-langpack-fr

libreoffice-langpack-fr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304228  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304114 of type rpminfo_object
Name
libreoffice-langpack-fr

libreoffice-langpack-fy is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304229  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304115 of type rpminfo_object
Name
libreoffice-langpack-fy

libreoffice-langpack-fy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304230  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304115 of type rpminfo_object
Name
libreoffice-langpack-fy

libreoffice-langpack-ga is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304231  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304116 of type rpminfo_object
Name
libreoffice-langpack-ga

libreoffice-langpack-ga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304232  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304116 of type rpminfo_object
Name
libreoffice-langpack-ga

libreoffice-langpack-gl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304233  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304117 of type rpminfo_object
Name
libreoffice-langpack-gl

libreoffice-langpack-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304234  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304117 of type rpminfo_object
Name
libreoffice-langpack-gl

libreoffice-langpack-gu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304235  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304118 of type rpminfo_object
Name
libreoffice-langpack-gu

libreoffice-langpack-gu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304236  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304118 of type rpminfo_object
Name
libreoffice-langpack-gu

libreoffice-langpack-he is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304237  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304119 of type rpminfo_object
Name
libreoffice-langpack-he

libreoffice-langpack-he is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304238  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304119 of type rpminfo_object
Name
libreoffice-langpack-he

libreoffice-langpack-hi is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304239  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304120 of type rpminfo_object
Name
libreoffice-langpack-hi

libreoffice-langpack-hi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304240  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304120 of type rpminfo_object
Name
libreoffice-langpack-hi

libreoffice-langpack-hr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304241  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304121 of type rpminfo_object
Name
libreoffice-langpack-hr

libreoffice-langpack-hr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304242  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304121 of type rpminfo_object
Name
libreoffice-langpack-hr

libreoffice-langpack-hu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304243  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304122 of type rpminfo_object
Name
libreoffice-langpack-hu

libreoffice-langpack-hu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304244  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304122 of type rpminfo_object
Name
libreoffice-langpack-hu

libreoffice-langpack-id is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304245  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304123 of type rpminfo_object
Name
libreoffice-langpack-id

libreoffice-langpack-id is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304246  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304123 of type rpminfo_object
Name
libreoffice-langpack-id

libreoffice-langpack-it is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304247  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304124 of type rpminfo_object
Name
libreoffice-langpack-it

libreoffice-langpack-it is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304248  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304124 of type rpminfo_object
Name
libreoffice-langpack-it

libreoffice-langpack-ja is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304249  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304125 of type rpminfo_object
Name
libreoffice-langpack-ja

libreoffice-langpack-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304250  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304125 of type rpminfo_object
Name
libreoffice-langpack-ja

libreoffice-langpack-kk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304251  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304126 of type rpminfo_object
Name
libreoffice-langpack-kk

libreoffice-langpack-kk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304252  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304126 of type rpminfo_object
Name
libreoffice-langpack-kk

libreoffice-langpack-kn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304253  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304127 of type rpminfo_object
Name
libreoffice-langpack-kn

libreoffice-langpack-kn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304254  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304127 of type rpminfo_object
Name
libreoffice-langpack-kn

libreoffice-langpack-ko is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304255  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304128 of type rpminfo_object
Name
libreoffice-langpack-ko

libreoffice-langpack-ko is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304256  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304128 of type rpminfo_object
Name
libreoffice-langpack-ko

libreoffice-langpack-lt is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304257  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304129 of type rpminfo_object
Name
libreoffice-langpack-lt

libreoffice-langpack-lt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304258  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304129 of type rpminfo_object
Name
libreoffice-langpack-lt

libreoffice-langpack-lv is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304259  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304130 of type rpminfo_object
Name
libreoffice-langpack-lv

libreoffice-langpack-lv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304260  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304130 of type rpminfo_object
Name
libreoffice-langpack-lv

libreoffice-langpack-mai is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304261  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304131 of type rpminfo_object
Name
libreoffice-langpack-mai

libreoffice-langpack-mai is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304262  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304131 of type rpminfo_object
Name
libreoffice-langpack-mai

libreoffice-langpack-ml is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304263  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304132 of type rpminfo_object
Name
libreoffice-langpack-ml

libreoffice-langpack-ml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304264  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304132 of type rpminfo_object
Name
libreoffice-langpack-ml

libreoffice-langpack-mr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304265  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304133 of type rpminfo_object
Name
libreoffice-langpack-mr

libreoffice-langpack-mr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304266  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304133 of type rpminfo_object
Name
libreoffice-langpack-mr

libreoffice-langpack-nb is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304267  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304134 of type rpminfo_object
Name
libreoffice-langpack-nb

libreoffice-langpack-nb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304268  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304134 of type rpminfo_object
Name
libreoffice-langpack-nb

libreoffice-langpack-nl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304269  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304135 of type rpminfo_object
Name
libreoffice-langpack-nl

libreoffice-langpack-nl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304270  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304135 of type rpminfo_object
Name
libreoffice-langpack-nl

libreoffice-langpack-nn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304271  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304136 of type rpminfo_object
Name
libreoffice-langpack-nn

libreoffice-langpack-nn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304272  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304136 of type rpminfo_object
Name
libreoffice-langpack-nn

libreoffice-langpack-nr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304273  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304137 of type rpminfo_object
Name
libreoffice-langpack-nr

libreoffice-langpack-nr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304274  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304137 of type rpminfo_object
Name
libreoffice-langpack-nr

libreoffice-langpack-nso is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304275  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304138 of type rpminfo_object
Name
libreoffice-langpack-nso

libreoffice-langpack-nso is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304276  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304138 of type rpminfo_object
Name
libreoffice-langpack-nso

libreoffice-langpack-or is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304277  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304139 of type rpminfo_object
Name
libreoffice-langpack-or

libreoffice-langpack-or is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304278  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304139 of type rpminfo_object
Name
libreoffice-langpack-or

libreoffice-langpack-pa is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304279  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304140 of type rpminfo_object
Name
libreoffice-langpack-pa

libreoffice-langpack-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304280  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304140 of type rpminfo_object
Name
libreoffice-langpack-pa

libreoffice-langpack-pl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304281  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304141 of type rpminfo_object
Name
libreoffice-langpack-pl

libreoffice-langpack-pl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304282  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304141 of type rpminfo_object
Name
libreoffice-langpack-pl

libreoffice-langpack-pt-BR is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304283  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304142 of type rpminfo_object
Name
libreoffice-langpack-pt-BR

libreoffice-langpack-pt-BR is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304284  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304142 of type rpminfo_object
Name
libreoffice-langpack-pt-BR

libreoffice-langpack-pt-PT is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304285  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304143 of type rpminfo_object
Name
libreoffice-langpack-pt-PT

libreoffice-langpack-pt-PT is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304286  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304143 of type rpminfo_object
Name
libreoffice-langpack-pt-PT

libreoffice-langpack-ro is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304287  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304144 of type rpminfo_object
Name
libreoffice-langpack-ro

libreoffice-langpack-ro is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304288  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304144 of type rpminfo_object
Name
libreoffice-langpack-ro

libreoffice-langpack-ru is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304289  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304145 of type rpminfo_object
Name
libreoffice-langpack-ru

libreoffice-langpack-ru is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304290  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304145 of type rpminfo_object
Name
libreoffice-langpack-ru

libreoffice-langpack-si is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304291  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304146 of type rpminfo_object
Name
libreoffice-langpack-si

libreoffice-langpack-si is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304292  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304146 of type rpminfo_object
Name
libreoffice-langpack-si

libreoffice-langpack-sk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304293  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304147 of type rpminfo_object
Name
libreoffice-langpack-sk

libreoffice-langpack-sk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304294  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304147 of type rpminfo_object
Name
libreoffice-langpack-sk

libreoffice-langpack-sl is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304295  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304148 of type rpminfo_object
Name
libreoffice-langpack-sl

libreoffice-langpack-sl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304296  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304148 of type rpminfo_object
Name
libreoffice-langpack-sl

libreoffice-langpack-sr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304297  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304149 of type rpminfo_object
Name
libreoffice-langpack-sr

libreoffice-langpack-sr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304298  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304149 of type rpminfo_object
Name
libreoffice-langpack-sr

libreoffice-langpack-ss is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304299  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304150 of type rpminfo_object
Name
libreoffice-langpack-ss

libreoffice-langpack-ss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304300  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304150 of type rpminfo_object
Name
libreoffice-langpack-ss

libreoffice-langpack-st is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304301  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304151 of type rpminfo_object
Name
libreoffice-langpack-st

libreoffice-langpack-st is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304302  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304151 of type rpminfo_object
Name
libreoffice-langpack-st

libreoffice-langpack-sv is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304303  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304152 of type rpminfo_object
Name
libreoffice-langpack-sv

libreoffice-langpack-sv is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304304  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304152 of type rpminfo_object
Name
libreoffice-langpack-sv

libreoffice-langpack-ta is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304305  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304153 of type rpminfo_object
Name
libreoffice-langpack-ta

libreoffice-langpack-ta is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304306  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304153 of type rpminfo_object
Name
libreoffice-langpack-ta

libreoffice-langpack-te is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304307  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304154 of type rpminfo_object
Name
libreoffice-langpack-te

libreoffice-langpack-te is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304308  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304154 of type rpminfo_object
Name
libreoffice-langpack-te

libreoffice-langpack-th is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304309  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304155 of type rpminfo_object
Name
libreoffice-langpack-th

libreoffice-langpack-th is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304310  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304155 of type rpminfo_object
Name
libreoffice-langpack-th

libreoffice-langpack-tn is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304311  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304156 of type rpminfo_object
Name
libreoffice-langpack-tn

libreoffice-langpack-tn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304312  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304156 of type rpminfo_object
Name
libreoffice-langpack-tn

libreoffice-langpack-tr is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304313  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304157 of type rpminfo_object
Name
libreoffice-langpack-tr

libreoffice-langpack-tr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304314  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304157 of type rpminfo_object
Name
libreoffice-langpack-tr

libreoffice-langpack-ts is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304315  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304158 of type rpminfo_object
Name
libreoffice-langpack-ts

libreoffice-langpack-ts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304316  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304158 of type rpminfo_object
Name
libreoffice-langpack-ts

libreoffice-langpack-uk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304317  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304159 of type rpminfo_object
Name
libreoffice-langpack-uk

libreoffice-langpack-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304318  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304159 of type rpminfo_object
Name
libreoffice-langpack-uk

libreoffice-langpack-ve is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304319  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304160 of type rpminfo_object
Name
libreoffice-langpack-ve

libreoffice-langpack-ve is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304320  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304160 of type rpminfo_object
Name
libreoffice-langpack-ve

libreoffice-langpack-xh is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304321  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304161 of type rpminfo_object
Name
libreoffice-langpack-xh

libreoffice-langpack-xh is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304322  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304161 of type rpminfo_object
Name
libreoffice-langpack-xh

libreoffice-langpack-zh-Hans is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304323  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304162 of type rpminfo_object
Name
libreoffice-langpack-zh-Hans

libreoffice-langpack-zh-Hans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304324  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304162 of type rpminfo_object
Name
libreoffice-langpack-zh-Hans

libreoffice-langpack-zh-Hant is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304325  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304163 of type rpminfo_object
Name
libreoffice-langpack-zh-Hant

libreoffice-langpack-zh-Hant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304326  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304163 of type rpminfo_object
Name
libreoffice-langpack-zh-Hant

libreoffice-langpack-zu is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304327  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304164 of type rpminfo_object
Name
libreoffice-langpack-zu

libreoffice-langpack-zu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304328  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304164 of type rpminfo_object
Name
libreoffice-langpack-zu

libreoffice-math is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304329  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304165 of type rpminfo_object
Name
libreoffice-math

libreoffice-math is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304330  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304165 of type rpminfo_object
Name
libreoffice-math

libreoffice-ogltrans is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304331  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304166 of type rpminfo_object
Name
libreoffice-ogltrans

libreoffice-ogltrans is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304332  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304166 of type rpminfo_object
Name
libreoffice-ogltrans

libreoffice-opensymbol-fonts is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304333  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304167 of type rpminfo_object
Name
libreoffice-opensymbol-fonts

libreoffice-opensymbol-fonts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304334  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304167 of type rpminfo_object
Name
libreoffice-opensymbol-fonts

libreoffice-pdfimport is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304335  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304168 of type rpminfo_object
Name
libreoffice-pdfimport

libreoffice-pdfimport is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304336  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304168 of type rpminfo_object
Name
libreoffice-pdfimport

libreoffice-pyuno is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304337  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304169 of type rpminfo_object
Name
libreoffice-pyuno

libreoffice-pyuno is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304338  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304169 of type rpminfo_object
Name
libreoffice-pyuno

libreoffice-sdk is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304339  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304170 of type rpminfo_object
Name
libreoffice-sdk

libreoffice-sdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304340  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304170 of type rpminfo_object
Name
libreoffice-sdk

libreoffice-sdk-doc is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304341  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304171 of type rpminfo_object
Name
libreoffice-sdk-doc

libreoffice-sdk-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304342  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304171 of type rpminfo_object
Name
libreoffice-sdk-doc

libreoffice-ure is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304343  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304172 of type rpminfo_object
Name
libreoffice-ure

libreoffice-ure is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304344  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304172 of type rpminfo_object
Name
libreoffice-ure

libreoffice-ure-common is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304345  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304173 of type rpminfo_object
Name
libreoffice-ure-common

libreoffice-ure-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304346  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304173 of type rpminfo_object
Name
libreoffice-ure-common

libreoffice-wiki-publisher is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304347  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304174 of type rpminfo_object
Name
libreoffice-wiki-publisher

libreoffice-wiki-publisher is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304348  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304174 of type rpminfo_object
Name
libreoffice-wiki-publisher

libreoffice-writer is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304349  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304175 of type rpminfo_object
Name
libreoffice-writer

libreoffice-writer is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304350  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304175 of type rpminfo_object
Name
libreoffice-writer

libreoffice-x11 is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304351  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304176 of type rpminfo_object
Name
libreoffice-x11

libreoffice-x11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304352  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304176 of type rpminfo_object
Name
libreoffice-x11

libreoffice-xsltfilter is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304353  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304177 of type rpminfo_object
Name
libreoffice-xsltfilter

libreoffice-xsltfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304354  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304177 of type rpminfo_object
Name
libreoffice-xsltfilter

libreofficekit is earlier than 1:7.1.8.1-8.el9_1  oval:com.redhat.rhsa:tst:20230304355  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304178 of type rpminfo_object
Name
libreofficekit

libreofficekit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230304356  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230304178 of type rpminfo_object
Name
libreofficekit
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230303
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

usbguard is earlier than 0:1.0.0-10.el9_1.2  oval:com.redhat.rhsa:tst:20230303001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303001 of type rpminfo_object
Name
usbguard

usbguard is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230303002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303001 of type rpminfo_object
Name
usbguard

usbguard-dbus is earlier than 0:1.0.0-10.el9_1.2  oval:com.redhat.rhsa:tst:20230303003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303002 of type rpminfo_object
Name
usbguard-dbus

usbguard-dbus is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230303004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303002 of type rpminfo_object
Name
usbguard-dbus

usbguard-notifier is earlier than 0:1.0.0-10.el9_1.2  oval:com.redhat.rhsa:tst:20230303005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303003 of type rpminfo_object
Name
usbguard-notifier

usbguard-notifier is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230303006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303003 of type rpminfo_object
Name
usbguard-notifier

usbguard-selinux is earlier than 0:1.0.0-10.el9_1.2  oval:com.redhat.rhsa:tst:20230303007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303004 of type rpminfo_object
Name
usbguard-selinux

usbguard-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230303008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303004 of type rpminfo_object
Name
usbguard-selinux

usbguard-tools is earlier than 0:1.0.0-10.el9_1.2  oval:com.redhat.rhsa:tst:20230303009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303005 of type rpminfo_object
Name
usbguard-tools

usbguard-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230303010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230303005 of type rpminfo_object
Name
usbguard-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230302
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtiff is earlier than 0:4.4.0-5.el9_1  oval:com.redhat.rhsa:tst:20230302001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff-devel is earlier than 0:4.4.0-5.el9_1  oval:com.redhat.rhsa:tst:20230302003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-tools is earlier than 0:4.4.0-5.el9_1  oval:com.redhat.rhsa:tst:20230302005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools

libtiff-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230300
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.12.1.rt21.175.el9_1 is currently running  oval:com.redhat.rhsa:tst:20230300025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-162.12.1.rt21.175.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20230300026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230300015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-162.12.1.rt21.175.el9_1  oval:com.redhat.rhsa:tst:20230300023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230285
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.7.0-1.el9_1  oval:com.redhat.rhsa:tst:20230285001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230282
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

sudo is earlier than 0:1.9.5p2-7.el9_1.1  oval:com.redhat.rhsa:tst:20230282001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sudoaarch64(none)9.el91.9.5p20:1.9.5p2-9.el9199e2f91fd431d51sudo-0:1.9.5p2-9.el9.aarch64

sudo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230282002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
sudoaarch64(none)9.el91.9.5p20:1.9.5p2-9.el9199e2f91fd431d51sudo-0:1.9.5p2-9.el9.aarch64

sudo-python-plugin is earlier than 0:1.9.5p2-7.el9_1.1  oval:com.redhat.rhsa:tst:20230282003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230282002 of type rpminfo_object
Name
sudo-python-plugin

sudo-python-plugin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230282004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230282002 of type rpminfo_object
Name
sudo-python-plugin
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230210
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.362.b09-2.el9_1  oval:com.redhat.rhsa:tst:20230210033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230202
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.18.0.10-2.el9_1  oval:com.redhat.rhsa:tst:20230202045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230194
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.6.0.10-3.el9_1  oval:com.redhat.rhsa:tst:20230194045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230077
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.13-1.el9_1  oval:com.redhat.rhsa:tst:20230077001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.13-1.el9_1  oval:com.redhat.rhsa:tst:20230077003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.13-1.el9_1  oval:com.redhat.rhsa:tst:20230077005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-hostfxr-6.0 is earlier than 0:6.0.13-1.el9_1  oval:com.redhat.rhsa:tst:20230077007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.13-1.el9_1  oval:com.redhat.rhsa:tst:20230077009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.113-1.el9_1  oval:com.redhat.rhsa:tst:20230077011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.113-1.el9_1  oval:com.redhat.rhsa:tst:20230077013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.13-1.el9_1  oval:com.redhat.rhsa:tst:20230077015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.113-1.el9_1  oval:com.redhat.rhsa:tst:20230077017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230021
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.36.7-1.el9_1.1  oval:com.redhat.rhsa:tst:20230021001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.36.7-1.el9_1.1  oval:com.redhat.rhsa:tst:20230021003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.36.7-1.el9_1.1  oval:com.redhat.rhsa:tst:20230021005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.36.7-1.el9_1.1  oval:com.redhat.rhsa:tst:20230021007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20230005
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bcel is earlier than 0:6.4.1-9.el9_1  oval:com.redhat.rhsa:tst:20230005001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230005001 of type rpminfo_object
Name
bcel

bcel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20230005002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20230005001 of type rpminfo_object
Name
bcel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20229080
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.6.0-2.el9_1  oval:com.redhat.rhsa:tst:20229080001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20229065
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.6.0-1.el9_1  oval:com.redhat.rhsa:tst:20229065001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228832
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:18 is enabled  oval:com.redhat.rhsa:tst:20228832017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:18.12.1-1.module+el9.1.0.z+17326+318294bb  oval:com.redhat.rhsa:tst:20228832001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:18.12.1-1.module+el9.1.0.z+17326+318294bb  oval:com.redhat.rhsa:tst:20228832003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:18.12.1-1.module+el9.1.0.z+17326+318294bb  oval:com.redhat.rhsa:tst:20228832005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:18.12.1-1.module+el9.1.0.z+17326+318294bb  oval:com.redhat.rhsa:tst:20228832007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:2.0.20-1.module+el9.1.0.z+17326+318294bb  oval:com.redhat.rhsa:tst:20228832009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.1.0+15718+e52ec601  oval:com.redhat.rhsa:tst:20228832013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb  oval:com.redhat.rhsa:tst:20228832015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228643
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

varnish is earlier than 0:6.6.2-2.el9_1.1  oval:com.redhat.rhsa:tst:20228643001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643001 of type rpminfo_object
Name
varnish

varnish is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228643002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643001 of type rpminfo_object
Name
varnish

varnish-devel is earlier than 0:6.6.2-2.el9_1.1  oval:com.redhat.rhsa:tst:20228643003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643002 of type rpminfo_object
Name
varnish-devel

varnish-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228643004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643002 of type rpminfo_object
Name
varnish-devel

varnish-docs is earlier than 0:6.6.2-2.el9_1.1  oval:com.redhat.rhsa:tst:20228643005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643003 of type rpminfo_object
Name
varnish-docs

varnish-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228643006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228643003 of type rpminfo_object
Name
varnish-docs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228637
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

krb5-devel is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637001 of type rpminfo_object
Name
krb5-devel

krb5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637001 of type rpminfo_object
Name
krb5-devel

krb5-libs is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
krb5-libsaarch64(none)1.el91.21.10:1.21.1-1.el9199e2f91fd431d51krb5-libs-0:1.21.1-1.el9.aarch64

krb5-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
krb5-libsaarch64(none)1.el91.21.10:1.21.1-1.el9199e2f91fd431d51krb5-libs-0:1.21.1-1.el9.aarch64

krb5-pkinit is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637003 of type rpminfo_object
Name
krb5-pkinit

krb5-pkinit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637003 of type rpminfo_object
Name
krb5-pkinit

krb5-server is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637004 of type rpminfo_object
Name
krb5-server

krb5-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637004 of type rpminfo_object
Name
krb5-server

krb5-server-ldap is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637005 of type rpminfo_object
Name
krb5-server-ldap

krb5-server-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637005 of type rpminfo_object
Name
krb5-server-ldap

krb5-workstation is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637006 of type rpminfo_object
Name
krb5-workstation

krb5-workstation is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637006 of type rpminfo_object
Name
krb5-workstation

libkadm5 is earlier than 0:1.19.1-24.el9_1  oval:com.redhat.rhsa:tst:20228637013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637007 of type rpminfo_object
Name
libkadm5

libkadm5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228637014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228637007 of type rpminfo_object
Name
libkadm5
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228580
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.5.0-1.el9_1  oval:com.redhat.rhsa:tst:20228580001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228561
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.5.0-2.el9_1  oval:com.redhat.rhsa:tst:20228561001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228493
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.14-1.el9_1.1  oval:com.redhat.rhsa:tst:20228493015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228453
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

device-mapper-multipath is earlier than 0:0.8.7-12.el9_1.1  oval:com.redhat.rhsa:tst:20228453001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipathaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-0:0.8.7-22.el9.aarch64

device-mapper-multipath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227185002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipathaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-0:0.8.7-22.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228444
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

keylime is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444001 of type rpminfo_object
Name
keylime

keylime is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444001 of type rpminfo_object
Name
keylime

keylime-base is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444002 of type rpminfo_object
Name
keylime-base

keylime-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444002 of type rpminfo_object
Name
keylime-base

keylime-registrar is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444003 of type rpminfo_object
Name
keylime-registrar

keylime-registrar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444003 of type rpminfo_object
Name
keylime-registrar

keylime-selinux is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444004 of type rpminfo_object
Name
keylime-selinux

keylime-selinux is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444004 of type rpminfo_object
Name
keylime-selinux

keylime-tenant is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444005 of type rpminfo_object
Name
keylime-tenant

keylime-tenant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444005 of type rpminfo_object
Name
keylime-tenant

keylime-verifier is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444006 of type rpminfo_object
Name
keylime-verifier

keylime-verifier is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444006 of type rpminfo_object
Name
keylime-verifier

python3-keylime is earlier than 0:6.5.1-1.el9_1  oval:com.redhat.rhsa:tst:20228444013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444007 of type rpminfo_object
Name
python3-keylime

python3-keylime is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228444014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228444007 of type rpminfo_object
Name
python3-keylime
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228434
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-7.0 is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434001 of type rpminfo_object
Name
aspnetcore-runtime-7.0

aspnetcore-targeting-pack-7.0 is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

aspnetcore-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434002 of type rpminfo_object
Name
aspnetcore-targeting-pack-7.0

dotnet-apphost-pack-7.0 is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-apphost-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434003 of type rpminfo_object
Name
dotnet-apphost-pack-7.0

dotnet-host is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-7.0 is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-hostfxr-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434005 of type rpminfo_object
Name
dotnet-hostfxr-7.0

dotnet-runtime-7.0 is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-runtime-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434006 of type rpminfo_object
Name
dotnet-runtime-7.0

dotnet-sdk-7.0 is earlier than 0:7.0.100-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434007 of type rpminfo_object
Name
dotnet-sdk-7.0

dotnet-sdk-7.0-source-built-artifacts is earlier than 0:7.0.100-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-sdk-7.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434008 of type rpminfo_object
Name
dotnet-sdk-7.0-source-built-artifacts

dotnet-targeting-pack-7.0 is earlier than 0:7.0.0-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-targeting-pack-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434009 of type rpminfo_object
Name
dotnet-targeting-pack-7.0

dotnet-templates-7.0 is earlier than 0:7.0.100-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

dotnet-templates-7.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228434020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228434010 of type rpminfo_object
Name
dotnet-templates-7.0

netstandard-targeting-pack-2.1 is earlier than 0:7.0.100-0.5.rc2.el9_1  oval:com.redhat.rhsa:tst:20228434021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228431
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

podman is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman-catatonit is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228431002 of type rpminfo_object
Name
podman-catatonit

podman-catatonit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228431004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228431002 of type rpminfo_object
Name
podman-catatonit

podman-docker is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-docker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-gvproxy is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-gvproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-plugins is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-remote is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-tests is earlier than 2:4.2.0-7.el9_1  oval:com.redhat.rhsa:tst:20228431013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests

podman-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228420
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mingw32-zlib is earlier than 0:1.2.12-2.el9  oval:com.redhat.rhsa:tst:20228420001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420001 of type rpminfo_object
Name
mingw32-zlib

mingw32-zlib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228420002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420001 of type rpminfo_object
Name
mingw32-zlib

mingw32-zlib-static is earlier than 0:1.2.12-2.el9  oval:com.redhat.rhsa:tst:20228420003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420002 of type rpminfo_object
Name
mingw32-zlib-static

mingw32-zlib-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228420004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420002 of type rpminfo_object
Name
mingw32-zlib-static

mingw64-zlib is earlier than 0:1.2.12-2.el9  oval:com.redhat.rhsa:tst:20228420005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420003 of type rpminfo_object
Name
mingw64-zlib

mingw64-zlib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228420006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420003 of type rpminfo_object
Name
mingw64-zlib

mingw64-zlib-static is earlier than 0:1.2.12-2.el9  oval:com.redhat.rhsa:tst:20228420007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420004 of type rpminfo_object
Name
mingw64-zlib-static

mingw64-zlib-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228420008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228420004 of type rpminfo_object
Name
mingw64-zlib-static
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228418
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mingw32-glib2 is earlier than 0:2.70.1-2.el9  oval:com.redhat.rhsa:tst:20228418001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418001 of type rpminfo_object
Name
mingw32-glib2

mingw32-glib2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228418002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418001 of type rpminfo_object
Name
mingw32-glib2

mingw32-glib2-static is earlier than 0:2.70.1-2.el9  oval:com.redhat.rhsa:tst:20228418003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418002 of type rpminfo_object
Name
mingw32-glib2-static

mingw32-glib2-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228418004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418002 of type rpminfo_object
Name
mingw32-glib2-static

mingw64-glib2 is earlier than 0:2.70.1-2.el9  oval:com.redhat.rhsa:tst:20228418005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418003 of type rpminfo_object
Name
mingw64-glib2

mingw64-glib2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228418006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418003 of type rpminfo_object
Name
mingw64-glib2

mingw64-glib2-static is earlier than 0:2.70.1-2.el9  oval:com.redhat.rhsa:tst:20228418007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418004 of type rpminfo_object
Name
mingw64-glib2-static

mingw64-glib2-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228418008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228418004 of type rpminfo_object
Name
mingw64-glib2-static
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228415
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mingw32-cpp is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415001 of type rpminfo_object
Name
mingw32-cpp

mingw32-cpp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415001 of type rpminfo_object
Name
mingw32-cpp

mingw32-gcc is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415002 of type rpminfo_object
Name
mingw32-gcc

mingw32-gcc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415002 of type rpminfo_object
Name
mingw32-gcc

mingw32-gcc-c++ is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415003 of type rpminfo_object
Name
mingw32-gcc-c++

mingw32-gcc-c++ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415003 of type rpminfo_object
Name
mingw32-gcc-c++

mingw32-libgcc is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415004 of type rpminfo_object
Name
mingw32-libgcc

mingw32-libgcc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415004 of type rpminfo_object
Name
mingw32-libgcc

mingw64-cpp is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415005 of type rpminfo_object
Name
mingw64-cpp

mingw64-cpp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415005 of type rpminfo_object
Name
mingw64-cpp

mingw64-gcc is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415006 of type rpminfo_object
Name
mingw64-gcc

mingw64-gcc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415006 of type rpminfo_object
Name
mingw64-gcc

mingw64-gcc-c++ is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415007 of type rpminfo_object
Name
mingw64-gcc-c++

mingw64-gcc-c++ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415007 of type rpminfo_object
Name
mingw64-gcc-c++

mingw64-libgcc is earlier than 0:12.0.1-11.2.el9  oval:com.redhat.rhsa:tst:20228415015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415008 of type rpminfo_object
Name
mingw64-libgcc

mingw64-libgcc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228415016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228415008 of type rpminfo_object
Name
mingw64-libgcc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228400
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtirpc is earlier than 0:1.3.3-0.el9  oval:com.redhat.rhsa:tst:20228400001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtirpcaarch64(none)2.el91.3.30:1.3.3-2.el9199e2f91fd431d51libtirpc-0:1.3.3-2.el9.aarch64

libtirpc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228400002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtirpcaarch64(none)2.el91.3.30:1.3.3-2.el9199e2f91fd431d51libtirpc-0:1.3.3-2.el9.aarch64

libtirpc-devel is earlier than 0:1.3.3-0.el9  oval:com.redhat.rhsa:tst:20228400003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228400002 of type rpminfo_object
Name
libtirpc-devel

libtirpc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228400004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228400002 of type rpminfo_object
Name
libtirpc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228393
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

logrotate is earlier than 0:3.18.0-7.el9  oval:com.redhat.rhsa:tst:20228393001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
logrotateaarch64(none)8.el93.18.00:3.18.0-8.el9199e2f91fd431d51logrotate-0:3.18.0-8.el9.aarch64

logrotate is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228393002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
logrotateaarch64(none)8.el93.18.00:3.18.0-8.el9199e2f91fd431d51logrotate-0:3.18.0-8.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228385
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dhcp-client is earlier than 12:4.4.2-17.b1.el9  oval:com.redhat.rhsa:tst:20228385001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385001 of type rpminfo_object
Name
dhcp-client

dhcp-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385001 of type rpminfo_object
Name
dhcp-client

dhcp-common is earlier than 12:4.4.2-17.b1.el9  oval:com.redhat.rhsa:tst:20228385003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385002 of type rpminfo_object
Name
dhcp-common

dhcp-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385002 of type rpminfo_object
Name
dhcp-common

dhcp-relay is earlier than 12:4.4.2-17.b1.el9  oval:com.redhat.rhsa:tst:20228385005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385003 of type rpminfo_object
Name
dhcp-relay

dhcp-relay is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385003 of type rpminfo_object
Name
dhcp-relay

dhcp-server is earlier than 12:4.4.2-17.b1.el9  oval:com.redhat.rhsa:tst:20228385007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385004 of type rpminfo_object
Name
dhcp-server

dhcp-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228385008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228385004 of type rpminfo_object
Name
dhcp-server
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228384
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

harfbuzz is earlier than 0:2.7.4-8.el9  oval:com.redhat.rhsa:tst:20228384001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
harfbuzzaarch64(none)8.el92.7.40:2.7.4-8.el9199e2f91fd431d51harfbuzz-0:2.7.4-8.el9.aarch64

harfbuzz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228384002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
harfbuzzaarch64(none)8.el92.7.40:2.7.4-8.el9199e2f91fd431d51harfbuzz-0:2.7.4-8.el9.aarch64

harfbuzz-devel is earlier than 0:2.7.4-8.el9  oval:com.redhat.rhsa:tst:20228384003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228384002 of type rpminfo_object
Name
harfbuzz-devel

harfbuzz-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228384004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228384002 of type rpminfo_object
Name
harfbuzz-devel

harfbuzz-icu is earlier than 0:2.7.4-8.el9  oval:com.redhat.rhsa:tst:20228384005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
harfbuzz-icuaarch64(none)8.el92.7.40:2.7.4-8.el9199e2f91fd431d51harfbuzz-icu-0:2.7.4-8.el9.aarch64

harfbuzz-icu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228384006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
harfbuzz-icuaarch64(none)8.el92.7.40:2.7.4-8.el9199e2f91fd431d51harfbuzz-icu-0:2.7.4-8.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228361
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

e2fsprogs is earlier than 0:1.46.5-3.el9  oval:com.redhat.rhsa:tst:20228361001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
e2fsprogsaarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51e2fsprogs-0:1.46.5-3.el9.aarch64

e2fsprogs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228361002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
e2fsprogsaarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51e2fsprogs-0:1.46.5-3.el9.aarch64

e2fsprogs-devel is earlier than 0:1.46.5-3.el9  oval:com.redhat.rhsa:tst:20228361003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228361002 of type rpminfo_object
Name
e2fsprogs-devel

e2fsprogs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228361004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228361002 of type rpminfo_object
Name
e2fsprogs-devel

e2fsprogs-libs is earlier than 0:1.46.5-3.el9  oval:com.redhat.rhsa:tst:20228361005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
e2fsprogs-libsaarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51e2fsprogs-libs-0:1.46.5-3.el9.aarch64

e2fsprogs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228361006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
e2fsprogs-libsaarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51e2fsprogs-libs-0:1.46.5-3.el9.aarch64

libcom_err is earlier than 0:1.46.5-3.el9  oval:com.redhat.rhsa:tst:20228361007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcom_erraarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51libcom_err-0:1.46.5-3.el9.aarch64

libcom_err is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228361008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcom_erraarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51libcom_err-0:1.46.5-3.el9.aarch64

libcom_err-devel is earlier than 0:1.46.5-3.el9  oval:com.redhat.rhsa:tst:20228361009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228361005 of type rpminfo_object
Name
libcom_err-devel

libcom_err-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228361010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228361005 of type rpminfo_object
Name
libcom_err-devel

libss is earlier than 0:1.46.5-3.el9  oval:com.redhat.rhsa:tst:20228361011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libssaarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51libss-0:1.46.5-3.el9.aarch64

libss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228361012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libssaarch64(none)3.el91.46.50:1.46.5-3.el9199e2f91fd431d51libss-0:1.46.5-3.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228353
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.14-1.el9  oval:com.redhat.rhsa:tst:20228353015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228340
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

freetype is earlier than 0:2.10.4-9.el9  oval:com.redhat.rhsa:tst:20228340001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
freetypeaarch64(none)9.el92.10.40:2.10.4-9.el9199e2f91fd431d51freetype-0:2.10.4-9.el9.aarch64

freetype is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228340002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
freetypeaarch64(none)9.el92.10.40:2.10.4-9.el9199e2f91fd431d51freetype-0:2.10.4-9.el9.aarch64

freetype-devel is earlier than 0:2.10.4-9.el9  oval:com.redhat.rhsa:tst:20228340003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228340002 of type rpminfo_object
Name
freetype-devel

freetype-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228340004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228340002 of type rpminfo_object
Name
freetype-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228318
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ldb-tools is earlier than 0:2.5.2-1.el9  oval:com.redhat.rhsa:tst:20228318001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228318001 of type rpminfo_object
Name
ldb-tools

ldb-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228318002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228318001 of type rpminfo_object
Name
ldb-tools

libldb is earlier than 0:2.5.2-1.el9  oval:com.redhat.rhsa:tst:20228318003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libldbaarch64(none)2.el92.7.20:2.7.2-2.el9199e2f91fd431d51libldb-0:2.7.2-2.el9.aarch64

libldb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228318004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libldbaarch64(none)2.el92.7.20:2.7.2-2.el9199e2f91fd431d51libldb-0:2.7.2-2.el9.aarch64

libldb-devel is earlier than 0:2.5.2-1.el9  oval:com.redhat.rhsa:tst:20228318005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228318003 of type rpminfo_object
Name
libldb-devel

libldb-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228318006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228318003 of type rpminfo_object
Name
libldb-devel

python3-ldb is earlier than 0:2.5.2-1.el9  oval:com.redhat.rhsa:tst:20228318007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228318004 of type rpminfo_object
Name
python3-ldb

python3-ldb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228318008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228318004 of type rpminfo_object
Name
python3-ldb
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228317
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ctdb is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

ctdb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317001 of type rpminfo_object
Name
ctdb

libsmbclient is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libsmbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libsmbclient-0:4.18.6-101.el9_3.aarch64

libsmbclient-devel is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libsmbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317003 of type rpminfo_object
Name
libsmbclient-devel

libwbclient is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libwbclientaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51libwbclient-0:4.18.6-101.el9_3.aarch64

libwbclient-devel is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

libwbclient-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317005 of type rpminfo_object
Name
libwbclient-devel

python3-samba is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

python3-samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317006 of type rpminfo_object
Name
python3-samba

samba is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317007 of type rpminfo_object
Name
samba

samba-client is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317008 of type rpminfo_object
Name
samba-client

samba-client-libs is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-client-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-client-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-client-libs-0:4.18.6-101.el9_3.aarch64

samba-common is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317019  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317020  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-commonnoarch0101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-0:4.18.6-101.el9_3.noarch

samba-common-libs is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317021  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317022  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
samba-common-libsaarch640101.el9_34.18.60:4.18.6-101.el9_3199e2f91fd431d51samba-common-libs-0:4.18.6-101.el9_3.aarch64

samba-common-tools is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-common-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317012 of type rpminfo_object
Name
samba-common-tools

samba-devel is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317013 of type rpminfo_object
Name
samba-devel

samba-krb5-printing is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-krb5-printing is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317014 of type rpminfo_object
Name
samba-krb5-printing

samba-libs is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317015 of type rpminfo_object
Name
samba-libs

samba-pidl is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-pidl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317016 of type rpminfo_object
Name
samba-pidl

samba-test is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317017 of type rpminfo_object
Name
samba-test

samba-test-libs is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-test-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317018 of type rpminfo_object
Name
samba-test-libs

samba-vfs-iouring is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-vfs-iouring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317019 of type rpminfo_object
Name
samba-vfs-iouring

samba-winbind is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317020 of type rpminfo_object
Name
samba-winbind

samba-winbind-clients is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-clients is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317021 of type rpminfo_object
Name
samba-winbind-clients

samba-winbind-krb5-locator is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-krb5-locator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317022 of type rpminfo_object
Name
samba-winbind-krb5-locator

samba-winbind-modules is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winbind-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317023 of type rpminfo_object
Name
samba-winbind-modules

samba-winexe is earlier than 0:4.16.4-101.el9  oval:com.redhat.rhsa:tst:20228317047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe

samba-winexe is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228317048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228317024 of type rpminfo_object
Name
samba-winexe
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228299
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-19.el9  oval:com.redhat.rhsa:tst:20228299001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-19.el9  oval:com.redhat.rhsa:tst:20228299003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-19.el9  oval:com.redhat.rhsa:tst:20228299005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-19.el9  oval:com.redhat.rhsa:tst:20228299007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-19.el9  oval:com.redhat.rhsa:tst:20228299009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228291
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

rsync is earlier than 0:3.2.3-18.el9  oval:com.redhat.rhsa:tst:20228291001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyncaarch64(none)19.el93.2.30:3.2.3-19.el9199e2f91fd431d51rsync-0:3.2.3-19.el9.aarch64

rsync is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224592002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyncaarch64(none)19.el93.2.30:3.2.3-19.el9199e2f91fd431d51rsync-0:3.2.3-19.el9.aarch64

rsync-daemon is earlier than 0:3.2.3-18.el9  oval:com.redhat.rhsa:tst:20228291003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224592002 of type rpminfo_object
Name
rsync-daemon

rsync-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224592004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224592002 of type rpminfo_object
Name
rsync-daemon
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228267
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.6.1.rt21.168.el9_1 is currently running  oval:com.redhat.rhsa:tst:20227933025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-162.6.1.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20228267058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228267031 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-headers is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-modules is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267037  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-162.6.1.el9_1  oval:com.redhat.rhsa:tst:20228267055  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228263
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dpdk is earlier than 2:21.11.2-1.el9_1  oval:com.redhat.rhsa:tst:20228263001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263001 of type rpminfo_object
Name
dpdk

dpdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228263002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263001 of type rpminfo_object
Name
dpdk

dpdk-devel is earlier than 2:21.11.2-1.el9_1  oval:com.redhat.rhsa:tst:20228263003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263002 of type rpminfo_object
Name
dpdk-devel

dpdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228263004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263002 of type rpminfo_object
Name
dpdk-devel

dpdk-doc is earlier than 2:21.11.2-1.el9_1  oval:com.redhat.rhsa:tst:20228263005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263003 of type rpminfo_object
Name
dpdk-doc

dpdk-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228263006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263003 of type rpminfo_object
Name
dpdk-doc

dpdk-tools is earlier than 2:21.11.2-1.el9_1  oval:com.redhat.rhsa:tst:20228263007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263004 of type rpminfo_object
Name
dpdk-tools

dpdk-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228263008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228263004 of type rpminfo_object
Name
dpdk-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228252
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

yajl is earlier than 0:2.1.0-21.el9  oval:com.redhat.rhsa:tst:20228252001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
yajlaarch64(none)22.el92.1.00:2.1.0-22.el9199e2f91fd431d51yajl-0:2.1.0-22.el9.aarch64

yajl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228252002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
yajlaarch64(none)22.el92.1.00:2.1.0-22.el9199e2f91fd431d51yajl-0:2.1.0-22.el9.aarch64

yajl-devel is earlier than 0:2.1.0-21.el9  oval:com.redhat.rhsa:tst:20228252003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228252002 of type rpminfo_object
Name
yajl-devel

yajl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228252002 of type rpminfo_object
Name
yajl-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228250
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana-pcp is earlier than 0:3.2.0-3.el9  oval:com.redhat.rhsa:tst:20228250001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228250001 of type rpminfo_object
Name
grafana-pcp

grafana-pcp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228250002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228250001 of type rpminfo_object
Name
grafana-pcp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228226
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-lxml is earlier than 0:4.6.5-3.el9  oval:com.redhat.rhsa:tst:20228226001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-lxmlaarch64(none)3.el94.6.50:4.6.5-3.el9199e2f91fd431d51python3-lxml-0:4.6.5-3.el9.aarch64

python3-lxml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228226002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-lxmlaarch64(none)3.el94.6.50:4.6.5-3.el9199e2f91fd431d51python3-lxml-0:4.6.5-3.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228222
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xorg-x11-server-Xwayland is earlier than 0:21.1.3-3.el9  oval:com.redhat.rhsa:tst:20228222001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xwaylandaarch64(none)2.el922.1.90:22.1.9-2.el9199e2f91fd431d51xorg-x11-server-Xwayland-0:22.1.9-2.el9.aarch64

xorg-x11-server-Xwayland is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228222002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xwaylandaarch64(none)2.el922.1.90:22.1.9-2.el9199e2f91fd431d51xorg-x11-server-Xwayland-0:22.1.9-2.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228221
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xorg-x11-server-Xdmx is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221001 of type rpminfo_object
Name
xorg-x11-server-Xdmx

xorg-x11-server-Xdmx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221001 of type rpminfo_object
Name
xorg-x11-server-Xdmx

xorg-x11-server-Xephyr is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221002 of type rpminfo_object
Name
xorg-x11-server-Xephyr

xorg-x11-server-Xephyr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221002 of type rpminfo_object
Name
xorg-x11-server-Xephyr

xorg-x11-server-Xnest is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221003 of type rpminfo_object
Name
xorg-x11-server-Xnest

xorg-x11-server-Xnest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221003 of type rpminfo_object
Name
xorg-x11-server-Xnest

xorg-x11-server-Xorg is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xorgaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-Xorg-0:1.20.11-19.el9.aarch64

xorg-x11-server-Xorg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-Xorgaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-Xorg-0:1.20.11-19.el9.aarch64

xorg-x11-server-Xvfb is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221005 of type rpminfo_object
Name
xorg-x11-server-Xvfb

xorg-x11-server-Xvfb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221005 of type rpminfo_object
Name
xorg-x11-server-Xvfb

xorg-x11-server-common is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-commonaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-common-0:1.20.11-19.el9.aarch64

xorg-x11-server-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xorg-x11-server-commonaarch64(none)19.el91.20.110:1.20.11-19.el9199e2f91fd431d51xorg-x11-server-common-0:1.20.11-19.el9.aarch64

xorg-x11-server-devel is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221007 of type rpminfo_object
Name
xorg-x11-server-devel

xorg-x11-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221007 of type rpminfo_object
Name
xorg-x11-server-devel

xorg-x11-server-source is earlier than 0:1.20.11-11.el9  oval:com.redhat.rhsa:tst:20228221015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221008 of type rpminfo_object
Name
xorg-x11-server-source

xorg-x11-server-source is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228221016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228221008 of type rpminfo_object
Name
xorg-x11-server-source
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228219
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mutt is earlier than 5:2.2.6-1.el9  oval:com.redhat.rhsa:tst:20228219001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228219001 of type rpminfo_object
Name
mutt

mutt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228219002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228219001 of type rpminfo_object
Name
mutt
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228208
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dovecot is earlier than 1:2.3.16-7.el9  oval:com.redhat.rhsa:tst:20228208001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208001 of type rpminfo_object
Name
dovecot

dovecot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228208002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208001 of type rpminfo_object
Name
dovecot

dovecot-devel is earlier than 1:2.3.16-7.el9  oval:com.redhat.rhsa:tst:20228208003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208002 of type rpminfo_object
Name
dovecot-devel

dovecot-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228208004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208002 of type rpminfo_object
Name
dovecot-devel

dovecot-mysql is earlier than 1:2.3.16-7.el9  oval:com.redhat.rhsa:tst:20228208005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208003 of type rpminfo_object
Name
dovecot-mysql

dovecot-mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228208006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208003 of type rpminfo_object
Name
dovecot-mysql

dovecot-pgsql is earlier than 1:2.3.16-7.el9  oval:com.redhat.rhsa:tst:20228208007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208004 of type rpminfo_object
Name
dovecot-pgsql

dovecot-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228208008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208004 of type rpminfo_object
Name
dovecot-pgsql

dovecot-pigeonhole is earlier than 1:2.3.16-7.el9  oval:com.redhat.rhsa:tst:20228208009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208005 of type rpminfo_object
Name
dovecot-pigeonhole

dovecot-pigeonhole is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228208010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228208005 of type rpminfo_object
Name
dovecot-pigeonhole
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228207
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openjpeg2 is earlier than 0:2.4.0-7.el9  oval:com.redhat.rhsa:tst:20228207001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openjpeg2aarch64(none)7.el92.4.00:2.4.0-7.el9199e2f91fd431d51openjpeg2-0:2.4.0-7.el9.aarch64

openjpeg2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228207002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openjpeg2aarch64(none)7.el92.4.00:2.4.0-7.el9199e2f91fd431d51openjpeg2-0:2.4.0-7.el9.aarch64

openjpeg2-devel is earlier than 0:2.4.0-7.el9  oval:com.redhat.rhsa:tst:20228207003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228207002 of type rpminfo_object
Name
openjpeg2-devel

openjpeg2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228207004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228207002 of type rpminfo_object
Name
openjpeg2-devel

openjpeg2-tools is earlier than 0:2.4.0-7.el9  oval:com.redhat.rhsa:tst:20228207005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228207003 of type rpminfo_object
Name
openjpeg2-tools

openjpeg2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228207006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228207003 of type rpminfo_object
Name
openjpeg2-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228197
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

php is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php-bcmath is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-bcmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-cli is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-common is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-dba is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dbg is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-dbg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-devel is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-embedded is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-enchant is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-enchant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-ffi is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-ffi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-fpm is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-fpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-gd is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gmp is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-intl is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-intl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-ldap is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-mbstring is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mbstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mysqlnd is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-mysqlnd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-odbc is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-opcache is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-opcache is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-pdo is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pdo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pgsql is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-process is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-process is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-snmp is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-soap is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-xml is earlier than 0:8.0.20-3.el9  oval:com.redhat.rhsa:tst:20228197049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml

php-xml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228194
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libtiff is earlier than 0:4.4.0-2.el9  oval:com.redhat.rhsa:tst:20228194001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libtiffaarch64(none)10.el94.4.00:4.4.0-10.el9199e2f91fd431d51libtiff-0:4.4.0-10.el9.aarch64

libtiff-devel is earlier than 0:4.4.0-2.el9  oval:com.redhat.rhsa:tst:20228194003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194002 of type rpminfo_object
Name
libtiff-devel

libtiff-tools is earlier than 0:4.4.0-2.el9  oval:com.redhat.rhsa:tst:20228194005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools

libtiff-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228194006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228194003 of type rpminfo_object
Name
libtiff-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228162
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

389-ds-base is earlier than 0:2.1.3-4.el9_1  oval:com.redhat.rhsa:tst:20228162001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228162001 of type rpminfo_object
Name
389-ds-base

389-ds-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228162002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228162001 of type rpminfo_object
Name
389-ds-base

389-ds-base-libs is earlier than 0:2.1.3-4.el9_1  oval:com.redhat.rhsa:tst:20228162003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228162002 of type rpminfo_object
Name
389-ds-base-libs

389-ds-base-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228162004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228162002 of type rpminfo_object
Name
389-ds-base-libs

python3-lib389 is earlier than 0:2.1.3-4.el9_1  oval:com.redhat.rhsa:tst:20228162005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228162003 of type rpminfo_object
Name
python3-lib389

python3-lib389 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228162006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228162003 of type rpminfo_object
Name
python3-lib389
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228151
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

poppler is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppleraarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-0:21.01.0-18.el9.aarch64

poppler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppleraarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-0:21.01.0-18.el9.aarch64

poppler-cpp is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-cppaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-cpp-0:21.01.0-18.el9.aarch64

poppler-cpp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-cppaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-cpp-0:21.01.0-18.el9.aarch64

poppler-cpp-devel is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151003 of type rpminfo_object
Name
poppler-cpp-devel

poppler-cpp-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151003 of type rpminfo_object
Name
poppler-cpp-devel

poppler-devel is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151004 of type rpminfo_object
Name
poppler-devel

poppler-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151004 of type rpminfo_object
Name
poppler-devel

poppler-glib is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-glibaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-glib-0:21.01.0-18.el9.aarch64

poppler-glib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-glibaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-glib-0:21.01.0-18.el9.aarch64

poppler-glib-devel is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151006 of type rpminfo_object
Name
poppler-glib-devel

poppler-glib-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151006 of type rpminfo_object
Name
poppler-glib-devel

poppler-qt5 is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151007 of type rpminfo_object
Name
poppler-qt5

poppler-qt5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151007 of type rpminfo_object
Name
poppler-qt5

poppler-qt5-devel is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151008 of type rpminfo_object
Name
poppler-qt5-devel

poppler-qt5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228151008 of type rpminfo_object
Name
poppler-qt5-devel

poppler-utils is earlier than 0:21.01.0-13.el9  oval:com.redhat.rhsa:tst:20228151017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-utilsaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-utils-0:21.01.0-18.el9.aarch64

poppler-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228151018  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
poppler-utilsaarch64(none)18.el921.01.00:21.01.0-18.el9199e2f91fd431d51poppler-utils-0:21.01.0-18.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228139
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

wavpack is earlier than 0:5.4.0-5.el9  oval:com.redhat.rhsa:tst:20228139001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
wavpackaarch64(none)5.el95.4.00:5.4.0-5.el9199e2f91fd431d51wavpack-0:5.4.0-5.el9.aarch64

wavpack is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228139002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
wavpackaarch64(none)5.el95.4.00:5.4.0-5.el9199e2f91fd431d51wavpack-0:5.4.0-5.el9.aarch64

wavpack-devel is earlier than 0:5.4.0-5.el9  oval:com.redhat.rhsa:tst:20228139003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228139002 of type rpminfo_object
Name
wavpack-devel

wavpack-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228139004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228139002 of type rpminfo_object
Name
wavpack-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228126
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ignition is earlier than 0:2.14.0-1.el9  oval:com.redhat.rhsa:tst:20228126001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228126001 of type rpminfo_object
Name
ignition

ignition is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228126002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228126001 of type rpminfo_object
Name
ignition
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228112
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

frr is earlier than 0:8.2.2-4.el9  oval:com.redhat.rhsa:tst:20228112001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr

frr is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228112002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228112001 of type rpminfo_object
Name
frr
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228100
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

swtpm is earlier than 0:0.7.0-3.20211109gitb79fd91.el9  oval:com.redhat.rhsa:tst:20228100001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228100001 of type rpminfo_object
Name
swtpm

swtpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228100002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228100001 of type rpminfo_object
Name
swtpm

swtpm-libs is earlier than 0:0.7.0-3.20211109gitb79fd91.el9  oval:com.redhat.rhsa:tst:20228100003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228100002 of type rpminfo_object
Name
swtpm-libs

swtpm-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228100004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228100002 of type rpminfo_object
Name
swtpm-libs

swtpm-tools is earlier than 0:0.7.0-3.20211109gitb79fd91.el9  oval:com.redhat.rhsa:tst:20228100005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228100003 of type rpminfo_object
Name
swtpm-tools

swtpm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228100006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228100003 of type rpminfo_object
Name
swtpm-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228098
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

toolbox is earlier than 0:0.0.99.3-5.el9  oval:com.redhat.rhsa:tst:20228098001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098001 of type rpminfo_object
Name
toolbox

toolbox-tests is earlier than 0:0.0.99.3-5.el9  oval:com.redhat.rhsa:tst:20228098003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests

toolbox-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228098004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228098002 of type rpminfo_object
Name
toolbox-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228096
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

redis is earlier than 0:6.2.7-1.el9  oval:com.redhat.rhsa:tst:20228096001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228096001 of type rpminfo_object
Name
redis

redis is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228096002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228096001 of type rpminfo_object
Name
redis

redis-devel is earlier than 0:6.2.7-1.el9  oval:com.redhat.rhsa:tst:20228096003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228096002 of type rpminfo_object
Name
redis-devel

redis-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228096004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228096002 of type rpminfo_object
Name
redis-devel

redis-doc is earlier than 0:6.2.7-1.el9  oval:com.redhat.rhsa:tst:20228096005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228096003 of type rpminfo_object
Name
redis-doc

redis-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228096006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228096003 of type rpminfo_object
Name
redis-doc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228090
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

runc is earlier than 4:1.1.4-1.el9  oval:com.redhat.rhsa:tst:20228090001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc

runc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228090002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228090001 of type rpminfo_object
Name
runc
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228078
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

flac is earlier than 0:1.3.3-10.el9  oval:com.redhat.rhsa:tst:20228078001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078001 of type rpminfo_object
Name
flac

flac is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228078002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078001 of type rpminfo_object
Name
flac

flac-devel is earlier than 0:1.3.3-10.el9  oval:com.redhat.rhsa:tst:20228078003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078002 of type rpminfo_object
Name
flac-devel

flac-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228078004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228078002 of type rpminfo_object
Name
flac-devel

flac-libs is earlier than 0:1.3.3-10.el9  oval:com.redhat.rhsa:tst:20228078005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flac-libsaarch64(none)10.el9_2.11.3.30:1.3.3-10.el9_2.1199e2f91fd431d51flac-libs-0:1.3.3-10.el9_2.1.aarch64

flac-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228078006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
flac-libsaarch64(none)10.el9_2.11.3.30:1.3.3-10.el9_2.1199e2f91fd431d51flac-libs-0:1.3.3-10.el9_2.1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228070
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dnsmasq is earlier than 0:2.85-5.el9  oval:com.redhat.rhsa:tst:20228070001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dnsmasqaarch64(none)14.el92.850:2.85-14.el9199e2f91fd431d51dnsmasq-0:2.85-14.el9.aarch64

dnsmasq is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228070002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dnsmasqaarch64(none)14.el92.850:2.85-14.el9199e2f91fd431d51dnsmasq-0:2.85-14.el9.aarch64

dnsmasq-utils is earlier than 0:2.85-5.el9  oval:com.redhat.rhsa:tst:20228070003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228070002 of type rpminfo_object
Name
dnsmasq-utils

dnsmasq-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228070004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228070002 of type rpminfo_object
Name
dnsmasq-utils
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228068
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bind is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind-chroot is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-chroot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-devel is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-dnssec-doc is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-utils is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-dnssec-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-doc is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228068012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228068006 of type rpminfo_object
Name
bind-doc

bind-libs is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-license is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-utils is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068017  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

bind-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

python3-bind is earlier than 32:9.16.23-5.el9_1  oval:com.redhat.rhsa:tst:20228068019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind

python3-bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228067
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

httpd is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067001 of type rpminfo_object
Name
httpd

httpd-core is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067002 of type rpminfo_object
Name
httpd-core

httpd-devel is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067003 of type rpminfo_object
Name
httpd-devel

httpd-filesystem is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067004 of type rpminfo_object
Name
httpd-filesystem

httpd-manual is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-manual is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067005 of type rpminfo_object
Name
httpd-manual

httpd-tools is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

httpd-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067006 of type rpminfo_object
Name
httpd-tools

mod_ldap is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067007 of type rpminfo_object
Name
mod_ldap

mod_lua is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067008 of type rpminfo_object
Name
mod_lua

mod_proxy_html is earlier than 1:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_proxy_html is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067009 of type rpminfo_object
Name
mod_proxy_html

mod_session is earlier than 0:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_session is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067010 of type rpminfo_object
Name
mod_session

mod_ssl is earlier than 1:2.4.53-7.el9  oval:com.redhat.rhsa:tst:20228067021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl

mod_ssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228067022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228067011 of type rpminfo_object
Name
mod_ssl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228062
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python3-unbound is earlier than 0:1.16.2-2.el9  oval:com.redhat.rhsa:tst:20228062001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062001 of type rpminfo_object
Name
python3-unbound

python3-unbound is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062001 of type rpminfo_object
Name
python3-unbound

unbound is earlier than 0:1.16.2-2.el9  oval:com.redhat.rhsa:tst:20228062003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062002 of type rpminfo_object
Name
unbound

unbound is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062002 of type rpminfo_object
Name
unbound

unbound-devel is earlier than 0:1.16.2-2.el9  oval:com.redhat.rhsa:tst:20228062005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062003 of type rpminfo_object
Name
unbound-devel

unbound-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062003 of type rpminfo_object
Name
unbound-devel

unbound-libs is earlier than 0:1.16.2-2.el9  oval:com.redhat.rhsa:tst:20228062007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062004 of type rpminfo_object
Name
unbound-libs

unbound-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228062008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228062004 of type rpminfo_object
Name
unbound-libs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228057
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana is earlier than 0:7.5.15-3.el9  oval:com.redhat.rhsa:tst:20228057001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana

grafana is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225716002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228054
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.36.7-1.el9  oval:com.redhat.rhsa:tst:20228054001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.36.7-1.el9  oval:com.redhat.rhsa:tst:20228054003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.36.7-1.el9  oval:com.redhat.rhsa:tst:20228054005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.36.7-1.el9  oval:com.redhat.rhsa:tst:20228054007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228022
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qt5 is earlier than 0:5.15.3-1.el9  oval:com.redhat.rhsa:tst:20228022001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022001 of type rpminfo_object
Name
qt5

qt5 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022001 of type rpminfo_object
Name
qt5

qt5-devel is earlier than 0:5.15.3-1.el9  oval:com.redhat.rhsa:tst:20228022003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022002 of type rpminfo_object
Name
qt5-devel

qt5-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022002 of type rpminfo_object
Name
qt5-devel

qt5-rpm-macros is earlier than 0:5.15.3-1.el9  oval:com.redhat.rhsa:tst:20228022005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022003 of type rpminfo_object
Name
qt5-rpm-macros

qt5-rpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022003 of type rpminfo_object
Name
qt5-rpm-macros

qt5-srpm-macros is earlier than 0:5.15.3-1.el9  oval:com.redhat.rhsa:tst:20228022007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022004 of type rpminfo_object
Name
qt5-srpm-macros

qt5-srpm-macros is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228022008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228022004 of type rpminfo_object
Name
qt5-srpm-macros
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228011
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

fribidi is earlier than 0:1.0.10-6.el9.2  oval:com.redhat.rhsa:tst:20228011001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
fribidiaarch64(none)6.el9.21.0.100:1.0.10-6.el9.2199e2f91fd431d51fribidi-0:1.0.10-6.el9.2.aarch64

fribidi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228011002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
fribidiaarch64(none)6.el9.21.0.100:1.0.10-6.el9.2199e2f91fd431d51fribidi-0:1.0.10-6.el9.2.aarch64

fribidi-devel is earlier than 0:1.0.10-6.el9.2  oval:com.redhat.rhsa:tst:20228011003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228011002 of type rpminfo_object
Name
fribidi-devel

fribidi-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228011004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228011002 of type rpminfo_object
Name
fribidi-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228008
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

buildah is earlier than 1:1.27.0-2.el9  oval:com.redhat.rhsa:tst:20228008001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
buildahaarch6412.el9_31.31.31:1.31.3-2.el9_3199e2f91fd431d51buildah-1:1.31.3-2.el9_3.aarch64

buildah-tests is earlier than 1:1.27.0-2.el9  oval:com.redhat.rhsa:tst:20228008003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests

buildah-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228008004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228008002 of type rpminfo_object
Name
buildah-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20228003
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libvirt is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003001 of type rpminfo_object
Name
libvirt

libvirt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003001 of type rpminfo_object
Name
libvirt

libvirt-client is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003002 of type rpminfo_object
Name
libvirt-client

libvirt-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003002 of type rpminfo_object
Name
libvirt-client

libvirt-daemon is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003003 of type rpminfo_object
Name
libvirt-daemon

libvirt-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003003 of type rpminfo_object
Name
libvirt-daemon

libvirt-daemon-config-network is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003004 of type rpminfo_object
Name
libvirt-daemon-config-network

libvirt-daemon-config-network is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003004 of type rpminfo_object
Name
libvirt-daemon-config-network

libvirt-daemon-config-nwfilter is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003005 of type rpminfo_object
Name
libvirt-daemon-config-nwfilter

libvirt-daemon-config-nwfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003005 of type rpminfo_object
Name
libvirt-daemon-config-nwfilter

libvirt-daemon-driver-interface is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003006 of type rpminfo_object
Name
libvirt-daemon-driver-interface

libvirt-daemon-driver-interface is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003006 of type rpminfo_object
Name
libvirt-daemon-driver-interface

libvirt-daemon-driver-network is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003007 of type rpminfo_object
Name
libvirt-daemon-driver-network

libvirt-daemon-driver-network is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003007 of type rpminfo_object
Name
libvirt-daemon-driver-network

libvirt-daemon-driver-nodedev is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003008 of type rpminfo_object
Name
libvirt-daemon-driver-nodedev

libvirt-daemon-driver-nodedev is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003008 of type rpminfo_object
Name
libvirt-daemon-driver-nodedev

libvirt-daemon-driver-nwfilter is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003009 of type rpminfo_object
Name
libvirt-daemon-driver-nwfilter

libvirt-daemon-driver-nwfilter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003009 of type rpminfo_object
Name
libvirt-daemon-driver-nwfilter

libvirt-daemon-driver-qemu is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003010 of type rpminfo_object
Name
libvirt-daemon-driver-qemu

libvirt-daemon-driver-qemu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003010 of type rpminfo_object
Name
libvirt-daemon-driver-qemu

libvirt-daemon-driver-secret is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003011 of type rpminfo_object
Name
libvirt-daemon-driver-secret

libvirt-daemon-driver-secret is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003011 of type rpminfo_object
Name
libvirt-daemon-driver-secret

libvirt-daemon-driver-storage is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003012 of type rpminfo_object
Name
libvirt-daemon-driver-storage

libvirt-daemon-driver-storage is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003012 of type rpminfo_object
Name
libvirt-daemon-driver-storage

libvirt-daemon-driver-storage-core is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003013 of type rpminfo_object
Name
libvirt-daemon-driver-storage-core

libvirt-daemon-driver-storage-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003013 of type rpminfo_object
Name
libvirt-daemon-driver-storage-core

libvirt-daemon-driver-storage-disk is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003014 of type rpminfo_object
Name
libvirt-daemon-driver-storage-disk

libvirt-daemon-driver-storage-disk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003014 of type rpminfo_object
Name
libvirt-daemon-driver-storage-disk

libvirt-daemon-driver-storage-iscsi is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003015 of type rpminfo_object
Name
libvirt-daemon-driver-storage-iscsi

libvirt-daemon-driver-storage-iscsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003015 of type rpminfo_object
Name
libvirt-daemon-driver-storage-iscsi

libvirt-daemon-driver-storage-logical is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003016 of type rpminfo_object
Name
libvirt-daemon-driver-storage-logical

libvirt-daemon-driver-storage-logical is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003016 of type rpminfo_object
Name
libvirt-daemon-driver-storage-logical

libvirt-daemon-driver-storage-mpath is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003017 of type rpminfo_object
Name
libvirt-daemon-driver-storage-mpath

libvirt-daemon-driver-storage-mpath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003017 of type rpminfo_object
Name
libvirt-daemon-driver-storage-mpath

libvirt-daemon-driver-storage-rbd is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003018 of type rpminfo_object
Name
libvirt-daemon-driver-storage-rbd

libvirt-daemon-driver-storage-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003018 of type rpminfo_object
Name
libvirt-daemon-driver-storage-rbd

libvirt-daemon-driver-storage-scsi is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003019 of type rpminfo_object
Name
libvirt-daemon-driver-storage-scsi

libvirt-daemon-driver-storage-scsi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003019 of type rpminfo_object
Name
libvirt-daemon-driver-storage-scsi

libvirt-daemon-kvm is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003020 of type rpminfo_object
Name
libvirt-daemon-kvm

libvirt-daemon-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003020 of type rpminfo_object
Name
libvirt-daemon-kvm

libvirt-devel is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003021 of type rpminfo_object
Name
libvirt-devel

libvirt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003021 of type rpminfo_object
Name
libvirt-devel

libvirt-docs is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003022 of type rpminfo_object
Name
libvirt-docs

libvirt-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003022 of type rpminfo_object
Name
libvirt-docs

libvirt-libs is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003023 of type rpminfo_object
Name
libvirt-libs

libvirt-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003023 of type rpminfo_object
Name
libvirt-libs

libvirt-lock-sanlock is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003024 of type rpminfo_object
Name
libvirt-lock-sanlock

libvirt-lock-sanlock is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003024 of type rpminfo_object
Name
libvirt-lock-sanlock

libvirt-nss is earlier than 0:8.5.0-7.el9_1  oval:com.redhat.rhsa:tst:20228003049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003025 of type rpminfo_object
Name
libvirt-nss

libvirt-nss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20228003050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20228003025 of type rpminfo_object
Name
libvirt-nss
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227979
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

speex is earlier than 0:1.2.0-11.el9  oval:com.redhat.rhsa:tst:20227979001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
speexaarch64(none)11.el91.2.00:1.2.0-11.el9199e2f91fd431d51speex-0:1.2.0-11.el9.aarch64

speex is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227979002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
speexaarch64(none)11.el91.2.00:1.2.0-11.el9199e2f91fd431d51speex-0:1.2.0-11.el9.aarch64

speex-devel is earlier than 0:1.2.0-11.el9  oval:com.redhat.rhsa:tst:20227979003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227979002 of type rpminfo_object
Name
speex-devel

speex-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227979004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227979002 of type rpminfo_object
Name
speex-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227978
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gimp is earlier than 2:2.99.8-3.el9  oval:com.redhat.rhsa:tst:20227978001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978001 of type rpminfo_object
Name
gimp

gimp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227978002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978001 of type rpminfo_object
Name
gimp

gimp-libs is earlier than 2:2.99.8-3.el9  oval:com.redhat.rhsa:tst:20227978003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978002 of type rpminfo_object
Name
gimp-libs

gimp-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227978004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227978002 of type rpminfo_object
Name
gimp-libs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227970
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

protobuf is earlier than 0:3.14.0-13.el9  oval:com.redhat.rhsa:tst:20227970001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970001 of type rpminfo_object
Name
protobuf

protobuf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227970002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970001 of type rpminfo_object
Name
protobuf

protobuf-compiler is earlier than 0:3.14.0-13.el9  oval:com.redhat.rhsa:tst:20227970003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970002 of type rpminfo_object
Name
protobuf-compiler

protobuf-compiler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227970004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970002 of type rpminfo_object
Name
protobuf-compiler

protobuf-devel is earlier than 0:3.14.0-13.el9  oval:com.redhat.rhsa:tst:20227970005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970003 of type rpminfo_object
Name
protobuf-devel

protobuf-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227970006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970003 of type rpminfo_object
Name
protobuf-devel

protobuf-lite is earlier than 0:3.14.0-13.el9  oval:com.redhat.rhsa:tst:20227970007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970004 of type rpminfo_object
Name
protobuf-lite

protobuf-lite is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227970008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970004 of type rpminfo_object
Name
protobuf-lite

protobuf-lite-devel is earlier than 0:3.14.0-13.el9  oval:com.redhat.rhsa:tst:20227970009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970005 of type rpminfo_object
Name
protobuf-lite-devel

protobuf-lite-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227970010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970005 of type rpminfo_object
Name
protobuf-lite-devel

python3-protobuf is earlier than 0:3.14.0-13.el9  oval:com.redhat.rhsa:tst:20227970011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970006 of type rpminfo_object
Name
python3-protobuf

python3-protobuf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227970012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227970006 of type rpminfo_object
Name
python3-protobuf
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227968
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

virt-v2v is earlier than 1:2.0.7-6.el9  oval:com.redhat.rhsa:tst:20227968001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968001 of type rpminfo_object
Name
virt-v2v

virt-v2v is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227968002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968001 of type rpminfo_object
Name
virt-v2v

virt-v2v-bash-completion is earlier than 1:2.0.7-6.el9  oval:com.redhat.rhsa:tst:20227968003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968002 of type rpminfo_object
Name
virt-v2v-bash-completion

virt-v2v-bash-completion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227968004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968002 of type rpminfo_object
Name
virt-v2v-bash-completion

virt-v2v-man-pages-ja is earlier than 1:2.0.7-6.el9  oval:com.redhat.rhsa:tst:20227968005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968003 of type rpminfo_object
Name
virt-v2v-man-pages-ja

virt-v2v-man-pages-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227968006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968003 of type rpminfo_object
Name
virt-v2v-man-pages-ja

virt-v2v-man-pages-uk is earlier than 1:2.0.7-6.el9  oval:com.redhat.rhsa:tst:20227968007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968004 of type rpminfo_object
Name
virt-v2v-man-pages-uk

virt-v2v-man-pages-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227968008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227968004 of type rpminfo_object
Name
virt-v2v-man-pages-uk
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227967
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qemu-guest-agent is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-guest-agent is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-img is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-img is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-kvm is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm-audio-pa is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-audio-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-block-curl is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-rbd is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-block-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-common is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-core is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-device-display-virtio-gpu is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu-ccw is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-ccw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-gl is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263011 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-gl

qemu-kvm-device-display-virtio-gpu-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263011 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-gl

qemu-kvm-device-display-virtio-gpu-pci is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci-gl is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263013 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci-gl

qemu-kvm-device-display-virtio-gpu-pci-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263013 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci-gl

qemu-kvm-device-display-virtio-vga is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga-gl is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263015 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga-gl

qemu-kvm-device-display-virtio-vga-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263015 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga-gl

qemu-kvm-device-usb-host is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-redirect is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-device-usb-redirect is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-docs is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-tools is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-ui-egl-headless is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-egl-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-opengl is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-kvm-ui-opengl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-pr-helper is earlier than 17:7.0.0-13.el9  oval:com.redhat.rhsa:tst:20227967043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper

qemu-pr-helper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227959
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

guestfs-tools is earlier than 0:1.48.2-5.el9  oval:com.redhat.rhsa:tst:20227959001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227959001 of type rpminfo_object
Name
guestfs-tools

guestfs-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227959002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227959001 of type rpminfo_object
Name
guestfs-tools

virt-win-reg is earlier than 0:1.48.2-5.el9  oval:com.redhat.rhsa:tst:20227959003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227959002 of type rpminfo_object
Name
virt-win-reg

virt-win-reg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227959004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227959002 of type rpminfo_object
Name
virt-win-reg
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227958
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libguestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958001 of type rpminfo_object
Name
libguestfs

libguestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958001 of type rpminfo_object
Name
libguestfs

libguestfs-appliance is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958002 of type rpminfo_object
Name
libguestfs-appliance

libguestfs-appliance is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958002 of type rpminfo_object
Name
libguestfs-appliance

libguestfs-bash-completion is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958003 of type rpminfo_object
Name
libguestfs-bash-completion

libguestfs-bash-completion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958003 of type rpminfo_object
Name
libguestfs-bash-completion

libguestfs-devel is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958004 of type rpminfo_object
Name
libguestfs-devel

libguestfs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958004 of type rpminfo_object
Name
libguestfs-devel

libguestfs-gobject is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958005 of type rpminfo_object
Name
libguestfs-gobject

libguestfs-gobject is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958005 of type rpminfo_object
Name
libguestfs-gobject

libguestfs-gobject-devel is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958006 of type rpminfo_object
Name
libguestfs-gobject-devel

libguestfs-gobject-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958006 of type rpminfo_object
Name
libguestfs-gobject-devel

libguestfs-inspect-icons is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958007 of type rpminfo_object
Name
libguestfs-inspect-icons

libguestfs-inspect-icons is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958007 of type rpminfo_object
Name
libguestfs-inspect-icons

libguestfs-man-pages-ja is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958008 of type rpminfo_object
Name
libguestfs-man-pages-ja

libguestfs-man-pages-ja is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958008 of type rpminfo_object
Name
libguestfs-man-pages-ja

libguestfs-man-pages-uk is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958009 of type rpminfo_object
Name
libguestfs-man-pages-uk

libguestfs-man-pages-uk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958009 of type rpminfo_object
Name
libguestfs-man-pages-uk

libguestfs-rescue is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958010 of type rpminfo_object
Name
libguestfs-rescue

libguestfs-rescue is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958010 of type rpminfo_object
Name
libguestfs-rescue

libguestfs-rsync is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958011 of type rpminfo_object
Name
libguestfs-rsync

libguestfs-rsync is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958011 of type rpminfo_object
Name
libguestfs-rsync

libguestfs-xfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958012 of type rpminfo_object
Name
libguestfs-xfs

libguestfs-xfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958012 of type rpminfo_object
Name
libguestfs-xfs

lua-guestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958013 of type rpminfo_object
Name
lua-guestfs

lua-guestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958013 of type rpminfo_object
Name
lua-guestfs

ocaml-libguestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958014 of type rpminfo_object
Name
ocaml-libguestfs

ocaml-libguestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958014 of type rpminfo_object
Name
ocaml-libguestfs

ocaml-libguestfs-devel is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958015 of type rpminfo_object
Name
ocaml-libguestfs-devel

ocaml-libguestfs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958015 of type rpminfo_object
Name
ocaml-libguestfs-devel

perl-Sys-Guestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958016 of type rpminfo_object
Name
perl-Sys-Guestfs

perl-Sys-Guestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958016 of type rpminfo_object
Name
perl-Sys-Guestfs

php-libguestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958017 of type rpminfo_object
Name
php-libguestfs

php-libguestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958017 of type rpminfo_object
Name
php-libguestfs

python3-libguestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958018 of type rpminfo_object
Name
python3-libguestfs

python3-libguestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958018 of type rpminfo_object
Name
python3-libguestfs

ruby-libguestfs is earlier than 1:1.48.4-2.el9  oval:com.redhat.rhsa:tst:20227958037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958019 of type rpminfo_object
Name
ruby-libguestfs

ruby-libguestfs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227958038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227958019 of type rpminfo_object
Name
ruby-libguestfs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227955
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

skopeo is earlier than 2:1.9.2-1.el9  oval:com.redhat.rhsa:tst:20227955001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955001 of type rpminfo_object
Name
skopeo

skopeo-tests is earlier than 2:1.9.2-1.el9  oval:com.redhat.rhsa:tst:20227955003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests

skopeo-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227955004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227955002 of type rpminfo_object
Name
skopeo-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227954
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

podman is earlier than 2:4.2.0-3.el9  oval:com.redhat.rhsa:tst:20227954001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
podmanaarch6427.el9_34.6.12:4.6.1-7.el9_3199e2f91fd431d51podman-2:4.6.1-7.el9_3.aarch64

podman-docker is earlier than 2:4.2.0-3.el9  oval:com.redhat.rhsa:tst:20227954003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-docker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954002 of type rpminfo_object
Name
podman-docker

podman-gvproxy is earlier than 2:4.2.0-3.el9  oval:com.redhat.rhsa:tst:20227954005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-gvproxy is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954003 of type rpminfo_object
Name
podman-gvproxy

podman-plugins is earlier than 2:4.2.0-3.el9  oval:com.redhat.rhsa:tst:20227954007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-plugins is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954004 of type rpminfo_object
Name
podman-plugins

podman-remote is earlier than 2:4.2.0-3.el9  oval:com.redhat.rhsa:tst:20227954009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-remote is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954005 of type rpminfo_object
Name
podman-remote

podman-tests is earlier than 2:4.2.0-3.el9  oval:com.redhat.rhsa:tst:20227954011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests

podman-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227954012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227954006 of type rpminfo_object
Name
podman-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227950
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

weldr-client is earlier than 0:35.5-4.el9  oval:com.redhat.rhsa:tst:20227950001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227950001 of type rpminfo_object
Name
weldr-client

weldr-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227950002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227950001 of type rpminfo_object
Name
weldr-client
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227935
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.3-4.el9  oval:com.redhat.rhsa:tst:20227935001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.3-4.el9  oval:com.redhat.rhsa:tst:20227935003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227933
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-162.6.1.rt21.168.el9_1 is currently running  oval:com.redhat.rhsa:tst:20227933025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-162.6.1.rt21.168.el9_1 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227933026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227933015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-162.6.1.rt21.168.el9_1  oval:com.redhat.rhsa:tst:20227933023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227330
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-70.13.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20225214006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.13.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227330007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.13.1.el9_0  oval:com.redhat.rhsa:tst:20225214001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.13.1.el9_0  oval:com.redhat.rhsa:tst:20225214003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kpatch-patch-5_14_0-70_13_1 is earlier than 0:1-4.el9_0  oval:com.redhat.rhsa:tst:20227330004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kpatch-patch-5_14_0-70_13_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kernel version 0:5.14.0-70.17.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226592012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.17.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227330013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20226592008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20226592009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592006 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_17_1

kpatch-patch-5_14_0-70_17_1 is earlier than 0:1-3.el9_0  oval:com.redhat.rhsa:tst:20227330010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592006 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_17_1

kpatch-patch-5_14_0-70_17_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226592011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592006 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_17_1

kernel version 0:5.14.0-70.22.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226592018  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.22.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227330019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226592014  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226592015  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592007 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_22_1

kpatch-patch-5_14_0-70_22_1 is earlier than 0:1-3.el9_0  oval:com.redhat.rhsa:tst:20227330016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592007 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_22_1

kpatch-patch-5_14_0-70_22_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226592017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592007 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_22_1

kernel version 0:5.14.0-70.26.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20227330024  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.26.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227330025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20227330020  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20227330021  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330008 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_26_1

kpatch-patch-5_14_0-70_26_1 is earlier than 0:1-2.el9_0  oval:com.redhat.rhsa:tst:20227330022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330008 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_26_1

kpatch-patch-5_14_0-70_26_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227330023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227330008 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_26_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227329
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

lua is earlier than 0:5.4.2-4.el9_0.3  oval:com.redhat.rhsa:tst:20227329001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329001 of type rpminfo_object
Name
lua

lua is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329001 of type rpminfo_object
Name
lua

lua-devel is earlier than 0:5.4.2-4.el9_0.3  oval:com.redhat.rhsa:tst:20227329003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329002 of type rpminfo_object
Name
lua-devel

lua-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227329002 of type rpminfo_object
Name
lua-devel

lua-libs is earlier than 0:5.4.2-4.el9_0.3  oval:com.redhat.rhsa:tst:20227329005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lua-libsaarch64(none)4.el95.4.40:5.4.4-4.el9199e2f91fd431d51lua-libs-0:5.4.4-4.el9.aarch64

lua-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227329006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
lua-libsaarch64(none)4.el95.4.40:5.4.4-4.el9199e2f91fd431d51lua-libs-0:5.4.4-4.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227326
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pki-acme is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326001 of type rpminfo_object
Name
pki-acme

pki-acme is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326001 of type rpminfo_object
Name
pki-acme

pki-base is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326002 of type rpminfo_object
Name
pki-base

pki-base is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326002 of type rpminfo_object
Name
pki-base

pki-base-java is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326003 of type rpminfo_object
Name
pki-base-java

pki-base-java is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326003 of type rpminfo_object
Name
pki-base-java

pki-ca is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326004 of type rpminfo_object
Name
pki-ca

pki-ca is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326004 of type rpminfo_object
Name
pki-ca

pki-kra is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326005 of type rpminfo_object
Name
pki-kra

pki-kra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326005 of type rpminfo_object
Name
pki-kra

pki-server is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326006 of type rpminfo_object
Name
pki-server

pki-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326006 of type rpminfo_object
Name
pki-server

pki-symkey is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326007 of type rpminfo_object
Name
pki-symkey

pki-symkey is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326007 of type rpminfo_object
Name
pki-symkey

pki-tools is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326008 of type rpminfo_object
Name
pki-tools

pki-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326008 of type rpminfo_object
Name
pki-tools

python3-pki is earlier than 0:11.0.6-2.el9_0  oval:com.redhat.rhsa:tst:20227326017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326009 of type rpminfo_object
Name
python3-pki

python3-pki is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227326018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227326009 of type rpminfo_object
Name
python3-pki
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227323
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

python-unversioned-command is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python-unversioned-command is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python-unversioned-commandnoarch(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python-unversioned-command-0:3.9.18-1.el9_3.noarch

python3 is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3aarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-0:3.9.18-1.el9_3.aarch64

python3-debug is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323003 of type rpminfo_object
Name
python3-debug

python3-devel is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323004 of type rpminfo_object
Name
python3-devel

python3-idle is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-idle is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323005 of type rpminfo_object
Name
python3-idle

python3-libs is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libsaarch64(none)1.el9_33.9.180:3.9.18-1.el9_3199e2f91fd431d51python3-libs-0:3.9.18-1.el9_3.aarch64

python3-test is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323007 of type rpminfo_object
Name
python3-test

python3-tkinter is earlier than 0:3.9.10-3.el9_0  oval:com.redhat.rhsa:tst:20227323015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter

python3-tkinter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227323016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227323008 of type rpminfo_object
Name
python3-tkinter
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227319
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-70.30.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20227318057  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-70.30.1.rt21.102.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227319026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227319015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-70.30.1.rt21.102.el9_0  oval:com.redhat.rhsa:tst:20227319023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227318
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-70.30.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20227318057  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-70.30.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20227318058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227318031 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-headers is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-modules is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318037  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-70.30.1.el9_0  oval:com.redhat.rhsa:tst:20227318055  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227314
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

zlib is earlier than 0:1.2.11-32.el9_0  oval:com.redhat.rhsa:tst:20227314001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
zlibaarch64(none)40.el91.2.110:1.2.11-40.el9199e2f91fd431d51zlib-0:1.2.11-40.el9.aarch64

zlib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224584002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
zlibaarch64(none)40.el91.2.110:1.2.11-40.el9199e2f91fd431d51zlib-0:1.2.11-40.el9.aarch64

zlib-devel is earlier than 0:1.2.11-32.el9_0  oval:com.redhat.rhsa:tst:20227314003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584002 of type rpminfo_object
Name
zlib-devel

zlib-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224584004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584002 of type rpminfo_object
Name
zlib-devel

zlib-static is earlier than 0:1.2.11-32.el9_0  oval:com.redhat.rhsa:tst:20227314005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584003 of type rpminfo_object
Name
zlib-static

zlib-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224584006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584003 of type rpminfo_object
Name
zlib-static
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227288
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssl is earlier than 1:3.0.1-43.el9_0  oval:com.redhat.rhsa:tst:20227288001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl-devel is earlier than 1:3.0.1-43.el9_0  oval:com.redhat.rhsa:tst:20227288003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-libs is earlier than 1:3.0.1-43.el9_0  oval:com.redhat.rhsa:tst:20227288005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-perl is earlier than 1:3.0.1-43.el9_0  oval:com.redhat.rhsa:tst:20227288007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl

openssl-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227185
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

device-mapper-multipath is earlier than 0:0.8.7-7.el9_0.1  oval:com.redhat.rhsa:tst:20227185001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipathaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-0:0.8.7-22.el9.aarch64

device-mapper-multipath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227185002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
device-mapper-multipathaarch64(none)22.el90.8.70:0.8.7-22.el9199e2f91fd431d51device-mapper-multipath-0:0.8.7-22.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227178
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.4.0-1.el9_0  oval:com.redhat.rhsa:tst:20227178001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227090
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libksba is earlier than 0:1.5.1-5.el9_0  oval:com.redhat.rhsa:tst:20227090001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libksbaaarch64(none)6.el9_11.5.10:1.5.1-6.el9_1199e2f91fd431d51libksba-0:1.5.1-6.el9_1.aarch64

libksba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227090002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libksbaaarch64(none)6.el9_11.5.10:1.5.1-6.el9_1199e2f91fd431d51libksba-0:1.5.1-6.el9_1.aarch64

libksba-devel is earlier than 0:1.5.1-5.el9_0  oval:com.redhat.rhsa:tst:20227090003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227090002 of type rpminfo_object
Name
libksba-devel

libksba-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20227090004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20227090002 of type rpminfo_object
Name
libksba-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227071
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.4.0-1.el9_0  oval:com.redhat.rhsa:tst:20227071001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227026
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.3.0-4.el9_0  oval:com.redhat.rhsa:tst:20227026001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227020
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.3.0-7.el9_0  oval:com.redhat.rhsa:tst:20227020001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227013
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.17.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20227013045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20227007
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.352.b08-2.el9_0  oval:com.redhat.rhsa:tst:20227007033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226999
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.5.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20226999045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226963
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs is earlier than 1:16.17.1-1.el9_0  oval:com.redhat.rhsa:tst:20226963001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.17.1-1.el9_0  oval:com.redhat.rhsa:tst:20226963003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.17.1-1.el9_0  oval:com.redhat.rhsa:tst:20226963005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.17.1-1.el9_0  oval:com.redhat.rhsa:tst:20226963007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.15.0-1.16.17.1.1.el9_0  oval:com.redhat.rhsa:tst:20226963009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226913
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-host is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-6.0 is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.110-1.el9_0  oval:com.redhat.rhsa:tst:20226913013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.110-1.el9_0  oval:com.redhat.rhsa:tst:20226913015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20226913017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.110-1.el9_0  oval:com.redhat.rhsa:tst:20226913019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

netstandard-targeting-pack-2.1 is earlier than 0:6.0.110-1.el9_0  oval:com.redhat.rhsa:tst:20226913021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226854
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gnutls is earlier than 0:3.7.6-12.el9_0  oval:com.redhat.rhsa:tst:20226854001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnutlsaarch64(none)23.el93.7.60:3.7.6-23.el9199e2f91fd431d51gnutls-0:3.7.6-23.el9.aarch64

gnutls is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnutlsaarch64(none)23.el93.7.60:3.7.6-23.el9199e2f91fd431d51gnutls-0:3.7.6-23.el9.aarch64

gnutls-c++ is earlier than 0:3.7.6-12.el9_0  oval:com.redhat.rhsa:tst:20226854003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854002 of type rpminfo_object
Name
gnutls-c++

gnutls-c++ is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854002 of type rpminfo_object
Name
gnutls-c++

gnutls-dane is earlier than 0:3.7.6-12.el9_0  oval:com.redhat.rhsa:tst:20226854005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854003 of type rpminfo_object
Name
gnutls-dane

gnutls-dane is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854003 of type rpminfo_object
Name
gnutls-dane

gnutls-devel is earlier than 0:3.7.6-12.el9_0  oval:com.redhat.rhsa:tst:20226854007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854004 of type rpminfo_object
Name
gnutls-devel

gnutls-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854004 of type rpminfo_object
Name
gnutls-devel

gnutls-utils is earlier than 0:3.7.6-12.el9_0  oval:com.redhat.rhsa:tst:20226854009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854005 of type rpminfo_object
Name
gnutls-utils

gnutls-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226854010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226854005 of type rpminfo_object
Name
gnutls-utils
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226839
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

squid is earlier than 7:5.2-1.el9_0.2  oval:com.redhat.rhsa:tst:20226839001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid

squid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225527002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226838
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

expat is earlier than 0:2.2.10-12.el9_0.3  oval:com.redhat.rhsa:tst:20226838001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
expataarch64(none)1.el92.5.00:2.5.0-1.el9199e2f91fd431d51expat-0:2.5.0-1.el9.aarch64

expat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225244002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
expataarch64(none)1.el92.5.00:2.5.0-1.el9199e2f91fd431d51expat-0:2.5.0-1.el9.aarch64

expat-devel is earlier than 0:2.2.10-12.el9_0.3  oval:com.redhat.rhsa:tst:20226838003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225244002 of type rpminfo_object
Name
expat-devel

expat-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225244004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225244002 of type rpminfo_object
Name
expat-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226763
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bind is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763001 of type rpminfo_object
Name
bind

bind-chroot is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-chroot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763002 of type rpminfo_object
Name
bind-chroot

bind-devel is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763003 of type rpminfo_object
Name
bind-devel

bind-dnssec-doc is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763004 of type rpminfo_object
Name
bind-dnssec-doc

bind-dnssec-utils is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-dnssec-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763005 of type rpminfo_object
Name
bind-dnssec-utils

bind-libs is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-libsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-libs-32:9.16.23-14.el9_3.aarch64

bind-license is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-license is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-licensenoarch3214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-license-32:9.16.23-14.el9_3.noarch

bind-utils is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

bind-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bind-utilsaarch643214.el9_39.16.2332:9.16.23-14.el9_3199e2f91fd431d51bind-utils-32:9.16.23-14.el9_3.aarch64

python3-bind is earlier than 32:9.16.23-1.el9_0.1  oval:com.redhat.rhsa:tst:20226763017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind

python3-bind is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226763018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226763009 of type rpminfo_object
Name
python3-bind
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226717
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:102.3.0-3.el9_0  oval:com.redhat.rhsa:tst:20226717001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226700
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:102.3.0-6.el9_0  oval:com.redhat.rhsa:tst:20226700001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226634
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

webkit2gtk3 is earlier than 0:2.36.7-1.el9_0  oval:com.redhat.rhsa:tst:20226634001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3aarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-devel is earlier than 0:2.36.7-1.el9_0  oval:com.redhat.rhsa:tst:20226634003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634002 of type rpminfo_object
Name
webkit2gtk3-devel

webkit2gtk3-jsc is earlier than 0:2.36.7-1.el9_0  oval:com.redhat.rhsa:tst:20226634005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
webkit2gtk3-jscaarch64(none)1.el9_3.12.40.50:2.40.5-1.el9_3.1199e2f91fd431d51webkit2gtk3-jsc-0:2.40.5-1.el9_3.1.aarch64

webkit2gtk3-jsc-devel is earlier than 0:2.36.7-1.el9_0  oval:com.redhat.rhsa:tst:20226634007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel

webkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226634008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226634004 of type rpminfo_object
Name
webkit2gtk3-jsc-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226610
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-70.26.1.rt21.98.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226582025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-70.26.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226610056  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226610030 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-modules is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-70.26.1.el9_0  oval:com.redhat.rhsa:tst:20226610053  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226608
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

dbus-broker is earlier than 0:28-5.1.el9_0  oval:com.redhat.rhsa:tst:20226608001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-brokeraarch64(none)7.el9280:28-7.el9199e2f91fd431d51dbus-broker-0:28-7.el9.aarch64

dbus-broker is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226608002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
dbus-brokeraarch64(none)7.el9280:28-7.el9199e2f91fd431d51dbus-broker-0:28-7.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226602
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gnupg2 is earlier than 0:2.3.3-2.el9_0  oval:com.redhat.rhsa:tst:20226602001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnupg2aarch64(none)4.el92.3.30:2.3.3-4.el9199e2f91fd431d51gnupg2-0:2.3.3-4.el9.aarch64

gnupg2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226602002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gnupg2aarch64(none)4.el92.3.30:2.3.3-4.el9199e2f91fd431d51gnupg2-0:2.3.3-4.el9.aarch64

gnupg2-smime is earlier than 0:2.3.3-2.el9_0  oval:com.redhat.rhsa:tst:20226602003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226602002 of type rpminfo_object
Name
gnupg2-smime

gnupg2-smime is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226602004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226602002 of type rpminfo_object
Name
gnupg2-smime
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226595
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

nodejs is earlier than 1:16.16.0-1.el9_0  oval:com.redhat.rhsa:tst:20226595001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-docs is earlier than 1:16.16.0-1.el9_0  oval:com.redhat.rhsa:tst:20226595003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:16.16.0-1.el9_0  oval:com.redhat.rhsa:tst:20226595005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-libs is earlier than 1:16.16.0-1.el9_0  oval:com.redhat.rhsa:tst:20226595007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

nodejs-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226595008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226595004 of type rpminfo_object
Name
nodejs-libs

npm is earlier than 1:8.11.0-1.16.16.0.1.el9_0  oval:com.redhat.rhsa:tst:20226595009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

nodejs-nodemon is earlier than 0:2.0.19-1.el9_0  oval:com.redhat.rhsa:tst:20226595011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226592
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-70.13.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20225214006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.13.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226592007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.13.1.el9_0  oval:com.redhat.rhsa:tst:20225214001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.13.1.el9_0  oval:com.redhat.rhsa:tst:20225214003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kpatch-patch-5_14_0-70_13_1 is earlier than 0:1-2.el9_0  oval:com.redhat.rhsa:tst:20226592004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kpatch-patch-5_14_0-70_13_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kernel version 0:5.14.0-70.17.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226592012  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.17.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226592013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20226592008  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20226592009  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592006 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_17_1

kpatch-patch-5_14_0-70_17_1 is earlier than 0:1-1.el9_0  oval:com.redhat.rhsa:tst:20226592010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592006 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_17_1

kpatch-patch-5_14_0-70_17_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226592011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592006 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_17_1

kernel version 0:5.14.0-70.22.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226592018  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.22.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226592019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226592014  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226592015  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592007 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_22_1

kpatch-patch-5_14_0-70_22_1 is earlier than 0:1-1.el9_0  oval:com.redhat.rhsa:tst:20226592016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592007 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_22_1

kpatch-patch-5_14_0-70_22_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226592017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226592007 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_22_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226590
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mysql is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590001 of type rpminfo_object
Name
mysql

mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590001 of type rpminfo_object
Name
mysql

mysql-common is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590002 of type rpminfo_object
Name
mysql-common

mysql-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590002 of type rpminfo_object
Name
mysql-common

mysql-devel is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590003 of type rpminfo_object
Name
mysql-devel

mysql-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590003 of type rpminfo_object
Name
mysql-devel

mysql-errmsg is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590004 of type rpminfo_object
Name
mysql-errmsg

mysql-errmsg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590004 of type rpminfo_object
Name
mysql-errmsg

mysql-libs is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590005 of type rpminfo_object
Name
mysql-libs

mysql-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590005 of type rpminfo_object
Name
mysql-libs

mysql-server is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590006 of type rpminfo_object
Name
mysql-server

mysql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590006 of type rpminfo_object
Name
mysql-server

mysql-test is earlier than 0:8.0.30-3.el9_0  oval:com.redhat.rhsa:tst:20226590013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590007 of type rpminfo_object
Name
mysql-test

mysql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226590014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226590007 of type rpminfo_object
Name
mysql-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226585
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

ruby is earlier than 0:3.0.4-160.el9_0  oval:com.redhat.rhsa:tst:20226585001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585001 of type rpminfo_object
Name
ruby

ruby is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585001 of type rpminfo_object
Name
ruby

ruby-default-gems is earlier than 0:3.0.4-160.el9_0  oval:com.redhat.rhsa:tst:20226585003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585002 of type rpminfo_object
Name
ruby-default-gems

ruby-default-gems is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585002 of type rpminfo_object
Name
ruby-default-gems

ruby-devel is earlier than 0:3.0.4-160.el9_0  oval:com.redhat.rhsa:tst:20226585005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585003 of type rpminfo_object
Name
ruby-devel

ruby-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585003 of type rpminfo_object
Name
ruby-devel

ruby-doc is earlier than 0:3.0.4-160.el9_0  oval:com.redhat.rhsa:tst:20226585007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585004 of type rpminfo_object
Name
ruby-doc

ruby-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585004 of type rpminfo_object
Name
ruby-doc

ruby-libs is earlier than 0:3.0.4-160.el9_0  oval:com.redhat.rhsa:tst:20226585009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585005 of type rpminfo_object
Name
ruby-libs

ruby-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585005 of type rpminfo_object
Name
ruby-libs

rubygem-bigdecimal is earlier than 0:3.0.0-160.el9_0  oval:com.redhat.rhsa:tst:20226585011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585006 of type rpminfo_object
Name
rubygem-bigdecimal

rubygem-bigdecimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585006 of type rpminfo_object
Name
rubygem-bigdecimal

rubygem-bundler is earlier than 0:2.2.33-160.el9_0  oval:com.redhat.rhsa:tst:20226585013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585007 of type rpminfo_object
Name
rubygem-bundler

rubygem-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585007 of type rpminfo_object
Name
rubygem-bundler

rubygem-io-console is earlier than 0:0.5.7-160.el9_0  oval:com.redhat.rhsa:tst:20226585015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585008 of type rpminfo_object
Name
rubygem-io-console

rubygem-io-console is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585008 of type rpminfo_object
Name
rubygem-io-console

rubygem-irb is earlier than 0:1.3.5-160.el9_0  oval:com.redhat.rhsa:tst:20226585017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585009 of type rpminfo_object
Name
rubygem-irb

rubygem-irb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585009 of type rpminfo_object
Name
rubygem-irb

rubygem-json is earlier than 0:2.5.1-160.el9_0  oval:com.redhat.rhsa:tst:20226585019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585010 of type rpminfo_object
Name
rubygem-json

rubygem-json is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585010 of type rpminfo_object
Name
rubygem-json

rubygem-minitest is earlier than 0:5.14.2-160.el9_0  oval:com.redhat.rhsa:tst:20226585021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585011 of type rpminfo_object
Name
rubygem-minitest

rubygem-minitest is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585011 of type rpminfo_object
Name
rubygem-minitest

rubygem-power_assert is earlier than 0:1.2.0-160.el9_0  oval:com.redhat.rhsa:tst:20226585023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585012 of type rpminfo_object
Name
rubygem-power_assert

rubygem-power_assert is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585012 of type rpminfo_object
Name
rubygem-power_assert

rubygem-psych is earlier than 0:3.3.2-160.el9_0  oval:com.redhat.rhsa:tst:20226585025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585013 of type rpminfo_object
Name
rubygem-psych

rubygem-psych is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585013 of type rpminfo_object
Name
rubygem-psych

rubygem-rake is earlier than 0:13.0.3-160.el9_0  oval:com.redhat.rhsa:tst:20226585027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585014 of type rpminfo_object
Name
rubygem-rake

rubygem-rake is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585014 of type rpminfo_object
Name
rubygem-rake

rubygem-rbs is earlier than 0:1.4.0-160.el9_0  oval:com.redhat.rhsa:tst:20226585029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585015 of type rpminfo_object
Name
rubygem-rbs

rubygem-rbs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585015 of type rpminfo_object
Name
rubygem-rbs

rubygem-rdoc is earlier than 0:6.3.3-160.el9_0  oval:com.redhat.rhsa:tst:20226585031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585016 of type rpminfo_object
Name
rubygem-rdoc

rubygem-rdoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585016 of type rpminfo_object
Name
rubygem-rdoc

rubygem-rexml is earlier than 0:3.2.5-160.el9_0  oval:com.redhat.rhsa:tst:20226585033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585017 of type rpminfo_object
Name
rubygem-rexml

rubygem-rexml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585017 of type rpminfo_object
Name
rubygem-rexml

rubygem-rss is earlier than 0:0.2.9-160.el9_0  oval:com.redhat.rhsa:tst:20226585035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585018 of type rpminfo_object
Name
rubygem-rss

rubygem-rss is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585018 of type rpminfo_object
Name
rubygem-rss

rubygem-test-unit is earlier than 0:3.3.7-160.el9_0  oval:com.redhat.rhsa:tst:20226585037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585019 of type rpminfo_object
Name
rubygem-test-unit

rubygem-test-unit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585019 of type rpminfo_object
Name
rubygem-test-unit

rubygem-typeprof is earlier than 0:0.15.2-160.el9_0  oval:com.redhat.rhsa:tst:20226585039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585020 of type rpminfo_object
Name
rubygem-typeprof

rubygem-typeprof is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585020 of type rpminfo_object
Name
rubygem-typeprof

rubygems is earlier than 0:3.2.33-160.el9_0  oval:com.redhat.rhsa:tst:20226585041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585021 of type rpminfo_object
Name
rubygems

rubygems is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585021 of type rpminfo_object
Name
rubygems

rubygems-devel is earlier than 0:3.2.33-160.el9_0  oval:com.redhat.rhsa:tst:20226585043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585022 of type rpminfo_object
Name
rubygems-devel

rubygems-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226585044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226585022 of type rpminfo_object
Name
rubygems-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226582
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-70.26.1.rt21.98.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226582025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-70.26.1.rt21.98.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226582026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226582015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-70.26.1.rt21.98.el9_0  oval:com.redhat.rhsa:tst:20226582023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226580
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

booth is earlier than 0:1.0-251.3.bfb2f92.git.el9_0.1  oval:com.redhat.rhsa:tst:20226580001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580001 of type rpminfo_object
Name
booth

booth is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226580002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580001 of type rpminfo_object
Name
booth

booth-arbitrator is earlier than 0:1.0-251.3.bfb2f92.git.el9_0.1  oval:com.redhat.rhsa:tst:20226580003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580002 of type rpminfo_object
Name
booth-arbitrator

booth-arbitrator is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226580004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580002 of type rpminfo_object
Name
booth-arbitrator

booth-core is earlier than 0:1.0-251.3.bfb2f92.git.el9_0.1  oval:com.redhat.rhsa:tst:20226580005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580003 of type rpminfo_object
Name
booth-core

booth-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226580006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580003 of type rpminfo_object
Name
booth-core

booth-site is earlier than 0:1.0-251.3.bfb2f92.git.el9_0.1  oval:com.redhat.rhsa:tst:20226580007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580004 of type rpminfo_object
Name
booth-site

booth-site is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226580008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580004 of type rpminfo_object
Name
booth-site

booth-test is earlier than 0:1.0-251.3.bfb2f92.git.el9_0.1  oval:com.redhat.rhsa:tst:20226580009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580005 of type rpminfo_object
Name
booth-test

booth-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226580010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226580005 of type rpminfo_object
Name
booth-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226521
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-host is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-6.0 is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.109-1.el9_0  oval:com.redhat.rhsa:tst:20226521013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.109-1.el9_0  oval:com.redhat.rhsa:tst:20226521015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.9-1.el9_0  oval:com.redhat.rhsa:tst:20226521017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.109-1.el9_0  oval:com.redhat.rhsa:tst:20226521019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

netstandard-targeting-pack-2.1 is earlier than 0:6.0.109-1.el9_0  oval:com.redhat.rhsa:tst:20226521021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226358
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

open-vm-tools is earlier than 0:11.3.5-1.el9_0.1  oval:com.redhat.rhsa:tst:20226358001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-toolsaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is earlier than 0:11.3.5-1.el9_0.1  oval:com.redhat.rhsa:tst:20226358003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-desktop is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
open-vm-tools-desktopaarch64(none)3.el9_3.212.2.50:12.2.5-3.el9_3.2199e2f91fd431d51open-vm-tools-desktop-0:12.2.5-3.el9_3.2.aarch64

open-vm-tools-sdmp is earlier than 0:11.3.5-1.el9_0.1  oval:com.redhat.rhsa:tst:20226358005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-sdmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358003 of type rpminfo_object
Name
open-vm-tools-sdmp

open-vm-tools-test is earlier than 0:11.3.5-1.el9_0.1  oval:com.redhat.rhsa:tst:20226358007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test

open-vm-tools-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226358008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226358004 of type rpminfo_object
Name
open-vm-tools-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226313
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.1-10.el9_0.2  oval:com.redhat.rhsa:tst:20226313001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.1-10.el9_0.2  oval:com.redhat.rhsa:tst:20226313003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226224
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

openssl is earlier than 1:3.0.1-41.el9_0  oval:com.redhat.rhsa:tst:20226224001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
opensslaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-1:3.0.7-24.el9.aarch64

openssl-devel is earlier than 1:3.0.1-41.el9_0  oval:com.redhat.rhsa:tst:20226224003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224002 of type rpminfo_object
Name
openssl-devel

openssl-libs is earlier than 1:3.0.1-41.el9_0  oval:com.redhat.rhsa:tst:20226224005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssl-libsaarch64124.el93.0.71:3.0.7-24.el9199e2f91fd431d51openssl-libs-1:3.0.7-24.el9.aarch64

openssl-perl is earlier than 1:3.0.1-41.el9_0  oval:com.redhat.rhsa:tst:20226224007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl

openssl-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20226224008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226224004 of type rpminfo_object
Name
openssl-perl
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226181
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

rsync is earlier than 0:3.2.3-9.el9_0.2  oval:com.redhat.rhsa:tst:20226181001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyncaarch64(none)19.el93.2.30:3.2.3-19.el9199e2f91fd431d51rsync-0:3.2.3-19.el9.aarch64

rsync is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224592002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyncaarch64(none)19.el93.2.30:3.2.3-19.el9199e2f91fd431d51rsync-0:3.2.3-19.el9.aarch64

rsync-daemon is earlier than 0:3.2.3-9.el9_0.2  oval:com.redhat.rhsa:tst:20226181003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224592002 of type rpminfo_object
Name
rsync-daemon

rsync-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224592004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224592002 of type rpminfo_object
Name
rsync-daemon
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226174
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:91.13.0-1.el9_0  oval:com.redhat.rhsa:tst:20226174001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226165
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:91.13.0-1.el9_0  oval:com.redhat.rhsa:tst:20226165001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226157
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-14.el9_0.5  oval:com.redhat.rhsa:tst:20226157001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-14.el9_0.5  oval:com.redhat.rhsa:tst:20226157003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-14.el9_0.5  oval:com.redhat.rhsa:tst:20226157005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-14.el9_0.5  oval:com.redhat.rhsa:tst:20226157007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-14.el9_0.5  oval:com.redhat.rhsa:tst:20226157009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226043
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-host is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-6.0 is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.108-1.el9_0  oval:com.redhat.rhsa:tst:20226043013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.108-1.el9_0  oval:com.redhat.rhsa:tst:20226043015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20226043017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.108-1.el9_0  oval:com.redhat.rhsa:tst:20226043019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

netstandard-targeting-pack-2.1 is earlier than 0:6.0.108-1.el9_0  oval:com.redhat.rhsa:tst:20226043021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226003
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-70.22.1.rt21.94.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226002025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-70.22.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226003058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226003031 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-headers is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-modules is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003037  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-70.22.1.el9_0  oval:com.redhat.rhsa:tst:20226003055  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20226002
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel-rt earlier than 0:5.14.0-70.22.1.rt21.94.el9_0 is currently running  oval:com.redhat.rhsa:tst:20226002025  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-70.22.1.rt21.94.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20226002026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20226002015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-70.22.1.rt21.94.el9_0  oval:com.redhat.rhsa:tst:20226002023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225948
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mariadb is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948001 of type rpminfo_object
Name
mariadb

mariadb is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948001 of type rpminfo_object
Name
mariadb

mariadb-backup is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948002 of type rpminfo_object
Name
mariadb-backup

mariadb-backup is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948002 of type rpminfo_object
Name
mariadb-backup

mariadb-common is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948003 of type rpminfo_object
Name
mariadb-common

mariadb-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948003 of type rpminfo_object
Name
mariadb-common

mariadb-devel is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948004 of type rpminfo_object
Name
mariadb-devel

mariadb-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948004 of type rpminfo_object
Name
mariadb-devel

mariadb-embedded is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948005 of type rpminfo_object
Name
mariadb-embedded

mariadb-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948005 of type rpminfo_object
Name
mariadb-embedded

mariadb-embedded-devel is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948006 of type rpminfo_object
Name
mariadb-embedded-devel

mariadb-embedded-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948006 of type rpminfo_object
Name
mariadb-embedded-devel

mariadb-errmsg is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948007 of type rpminfo_object
Name
mariadb-errmsg

mariadb-errmsg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948007 of type rpminfo_object
Name
mariadb-errmsg

mariadb-gssapi-server is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948008 of type rpminfo_object
Name
mariadb-gssapi-server

mariadb-gssapi-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948008 of type rpminfo_object
Name
mariadb-gssapi-server

mariadb-oqgraph-engine is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948009 of type rpminfo_object
Name
mariadb-oqgraph-engine

mariadb-oqgraph-engine is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948009 of type rpminfo_object
Name
mariadb-oqgraph-engine

mariadb-pam is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948010 of type rpminfo_object
Name
mariadb-pam

mariadb-pam is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948010 of type rpminfo_object
Name
mariadb-pam

mariadb-server is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948011 of type rpminfo_object
Name
mariadb-server

mariadb-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948011 of type rpminfo_object
Name
mariadb-server

mariadb-server-galera is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948012 of type rpminfo_object
Name
mariadb-server-galera

mariadb-server-galera is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948012 of type rpminfo_object
Name
mariadb-server-galera

mariadb-server-utils is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948013 of type rpminfo_object
Name
mariadb-server-utils

mariadb-server-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948013 of type rpminfo_object
Name
mariadb-server-utils

mariadb-test is earlier than 3:10.5.16-2.el9_0  oval:com.redhat.rhsa:tst:20225948027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948014 of type rpminfo_object
Name
mariadb-test

mariadb-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225948028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225948014 of type rpminfo_object
Name
mariadb-test
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225942
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

vim-X11 is earlier than 2:8.2.2637-16.el9_0.3  oval:com.redhat.rhsa:tst:20225942001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225242001 of type rpminfo_object
Name
vim-X11

vim-X11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225242001 of type rpminfo_object
Name
vim-X11

vim-common is earlier than 2:8.2.2637-16.el9_0.3  oval:com.redhat.rhsa:tst:20225942003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-commonaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-common-2:8.2.2637-20.el9_1.aarch64

vim-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-commonaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-common-2:8.2.2637-20.el9_1.aarch64

vim-enhanced is earlier than 2:8.2.2637-16.el9_0.3  oval:com.redhat.rhsa:tst:20225942005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-enhancedaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-enhanced-2:8.2.2637-20.el9_1.aarch64

vim-enhanced is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-enhancedaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-enhanced-2:8.2.2637-20.el9_1.aarch64

vim-filesystem is earlier than 2:8.2.2637-16.el9_0.3  oval:com.redhat.rhsa:tst:20225942007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-filesystemnoarch220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-filesystem-2:8.2.2637-20.el9_1.noarch

vim-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-filesystemnoarch220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-filesystem-2:8.2.2637-20.el9_1.noarch

vim-minimal is earlier than 2:8.2.2637-16.el9_0.3  oval:com.redhat.rhsa:tst:20225942009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-minimalaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-minimal-2:8.2.2637-20.el9_1.aarch64

vim-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-minimalaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-minimal-2:8.2.2637-20.el9_1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225904
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

php is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904001 of type rpminfo_object
Name
php

php-bcmath is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-bcmath is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904002 of type rpminfo_object
Name
php-bcmath

php-cli is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-cli is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904003 of type rpminfo_object
Name
php-cli

php-common is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904004 of type rpminfo_object
Name
php-common

php-dba is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dba is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904005 of type rpminfo_object
Name
php-dba

php-dbg is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-dbg is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904006 of type rpminfo_object
Name
php-dbg

php-devel is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904007 of type rpminfo_object
Name
php-devel

php-embedded is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-embedded is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904008 of type rpminfo_object
Name
php-embedded

php-enchant is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-enchant is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904009 of type rpminfo_object
Name
php-enchant

php-ffi is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-ffi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904010 of type rpminfo_object
Name
php-ffi

php-fpm is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-fpm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904011 of type rpminfo_object
Name
php-fpm

php-gd is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904012 of type rpminfo_object
Name
php-gd

php-gmp is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-gmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904013 of type rpminfo_object
Name
php-gmp

php-intl is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-intl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904014 of type rpminfo_object
Name
php-intl

php-ldap is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-ldap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904015 of type rpminfo_object
Name
php-ldap

php-mbstring is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mbstring is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904016 of type rpminfo_object
Name
php-mbstring

php-mysqlnd is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-mysqlnd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904017 of type rpminfo_object
Name
php-mysqlnd

php-odbc is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-odbc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904018 of type rpminfo_object
Name
php-odbc

php-opcache is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-opcache is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904019 of type rpminfo_object
Name
php-opcache

php-pdo is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pdo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904020 of type rpminfo_object
Name
php-pdo

php-pgsql is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904021 of type rpminfo_object
Name
php-pgsql

php-process is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-process is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904022 of type rpminfo_object
Name
php-process

php-snmp is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904023 of type rpminfo_object
Name
php-snmp

php-soap is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-soap is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904024 of type rpminfo_object
Name
php-soap

php-xml is earlier than 0:8.0.13-2.el9_0  oval:com.redhat.rhsa:tst:20225904049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml

php-xml is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225904050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225904025 of type rpminfo_object
Name
php-xml
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225799
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang-bin is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-bin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-docs is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-misc is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-misc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-race is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-race is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-src is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-tests is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

golang-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

go-toolset is earlier than 0:1.17.12-1.el9_0  oval:com.redhat.rhsa:tst:20225799015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225799008 of type rpminfo_object
Name
go-toolset

go-toolset is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225799016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225799008 of type rpminfo_object
Name
go-toolset
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225778
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:91.12.0-1.el9_0  oval:com.redhat.rhsa:tst:20225778001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225767
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:91.12.0-2.el9_0  oval:com.redhat.rhsa:tst:20225767001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225736
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.4.0.8-2.el9_0  oval:com.redhat.rhsa:tst:20225736045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225716
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grafana is earlier than 0:7.5.11-5.el9_0  oval:com.redhat.rhsa:tst:20225716001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana

grafana is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225716002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225716001 of type rpminfo_object
Name
grafana
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225709
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.342.b07-1.el9_0  oval:com.redhat.rhsa:tst:20225709033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225695
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.16.0.8-1.el9_0  oval:com.redhat.rhsa:tst:20225695045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225527
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

squid is earlier than 7:5.2-1.el9_0.1  oval:com.redhat.rhsa:tst:20225527001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid

squid is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225527002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225527001 of type rpminfo_object
Name
squid
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225482
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:91.11.0-2.el9_0  oval:com.redhat.rhsa:tst:20225482001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225481
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:91.11.0-2.el9_0  oval:com.redhat.rhsa:tst:20225481001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225267
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-70.17.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20225249057  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel-rt earlier than 0:5.14.0-70.17.1.rt21.89.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20225267026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267015 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel-rt is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267001 of type rpminfo_object
Name
kernel-rt

kernel-rt-core is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267002 of type rpminfo_object
Name
kernel-rt-core

kernel-rt-debug is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267003 of type rpminfo_object
Name
kernel-rt-debug

kernel-rt-debug-core is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267004 of type rpminfo_object
Name
kernel-rt-debug-core

kernel-rt-debug-devel is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267005 of type rpminfo_object
Name
kernel-rt-debug-devel

kernel-rt-debug-kvm is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267006 of type rpminfo_object
Name
kernel-rt-debug-kvm

kernel-rt-debug-modules is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267007 of type rpminfo_object
Name
kernel-rt-debug-modules

kernel-rt-debug-modules-extra is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267008 of type rpminfo_object
Name
kernel-rt-debug-modules-extra

kernel-rt-devel is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267009 of type rpminfo_object
Name
kernel-rt-devel

kernel-rt-kvm is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267010 of type rpminfo_object
Name
kernel-rt-kvm

kernel-rt-modules is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267011 of type rpminfo_object
Name
kernel-rt-modules

kernel-rt-modules-extra is earlier than 0:5.14.0-70.17.1.rt21.89.el9_0  oval:com.redhat.rhsa:tst:20225267023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra

kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225267024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225267012 of type rpminfo_object
Name
kernel-rt-modules-extra
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225263
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qemu-guest-agent is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-guest-agent is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
qemu-guest-agentaarch641716.el9_3.18.0.017:8.0.0-16.el9_3.1199e2f91fd431d51qemu-guest-agent-17:8.0.0-16.el9_3.1.aarch64

qemu-img is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-img is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263002 of type rpminfo_object
Name
qemu-img

qemu-kvm is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263003 of type rpminfo_object
Name
qemu-kvm

qemu-kvm-audio-pa is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-audio-pa is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263004 of type rpminfo_object
Name
qemu-kvm-audio-pa

qemu-kvm-block-curl is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263005 of type rpminfo_object
Name
qemu-kvm-block-curl

qemu-kvm-block-rbd is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-block-rbd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263006 of type rpminfo_object
Name
qemu-kvm-block-rbd

qemu-kvm-common is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263007 of type rpminfo_object
Name
qemu-kvm-common

qemu-kvm-core is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263008 of type rpminfo_object
Name
qemu-kvm-core

qemu-kvm-device-display-virtio-gpu is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263009 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu

qemu-kvm-device-display-virtio-gpu-ccw is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-ccw is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263010 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-ccw

qemu-kvm-device-display-virtio-gpu-gl is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263011 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-gl

qemu-kvm-device-display-virtio-gpu-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263011 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-gl

qemu-kvm-device-display-virtio-gpu-pci is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263012 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci

qemu-kvm-device-display-virtio-gpu-pci-gl is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263013 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci-gl

qemu-kvm-device-display-virtio-gpu-pci-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263013 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-gpu-pci-gl

qemu-kvm-device-display-virtio-vga is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263014 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga

qemu-kvm-device-display-virtio-vga-gl is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263015 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga-gl

qemu-kvm-device-display-virtio-vga-gl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263015 of type rpminfo_object
Name
qemu-kvm-device-display-virtio-vga-gl

qemu-kvm-device-usb-host is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263016 of type rpminfo_object
Name
qemu-kvm-device-usb-host

qemu-kvm-device-usb-redirect is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-device-usb-redirect is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263017 of type rpminfo_object
Name
qemu-kvm-device-usb-redirect

qemu-kvm-docs is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263018 of type rpminfo_object
Name
qemu-kvm-docs

qemu-kvm-tools is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263019 of type rpminfo_object
Name
qemu-kvm-tools

qemu-kvm-ui-egl-headless is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-egl-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263020 of type rpminfo_object
Name
qemu-kvm-ui-egl-headless

qemu-kvm-ui-opengl is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-kvm-ui-opengl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263021 of type rpminfo_object
Name
qemu-kvm-ui-opengl

qemu-pr-helper is earlier than 17:6.2.0-11.el9_0.3  oval:com.redhat.rhsa:tst:20225263043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper

qemu-pr-helper is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225263044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225263022 of type rpminfo_object
Name
qemu-pr-helper
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225257
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libinput is earlier than 0:1.19.3-2.el9_0  oval:com.redhat.rhsa:tst:20225257001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libinputaarch64(none)4.el9_21.19.30:1.19.3-4.el9_2199e2f91fd431d51libinput-0:1.19.3-4.el9_2.aarch64

libinput is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225257002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libinputaarch64(none)4.el9_21.19.30:1.19.3-4.el9_2199e2f91fd431d51libinput-0:1.19.3-4.el9_2.aarch64

libinput-devel is earlier than 0:1.19.3-2.el9_0  oval:com.redhat.rhsa:tst:20225257003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225257002 of type rpminfo_object
Name
libinput-devel

libinput-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225257004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225257002 of type rpminfo_object
Name
libinput-devel

libinput-utils is earlier than 0:1.19.3-2.el9_0  oval:com.redhat.rhsa:tst:20225257005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225257003 of type rpminfo_object
Name
libinput-utils

libinput-utils is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225257006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225257003 of type rpminfo_object
Name
libinput-utils
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225252
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

bsdtar is earlier than 0:3.5.3-2.el9_0  oval:com.redhat.rhsa:tst:20225252001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252001 of type rpminfo_object
Name
bsdtar

bsdtar is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252001 of type rpminfo_object
Name
bsdtar

libarchive is earlier than 0:3.5.3-2.el9_0  oval:com.redhat.rhsa:tst:20225252003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libarchiveaarch64(none)4.el93.5.30:3.5.3-4.el9199e2f91fd431d51libarchive-0:3.5.3-4.el9.aarch64

libarchive is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225252004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libarchiveaarch64(none)4.el93.5.30:3.5.3-4.el9199e2f91fd431d51libarchive-0:3.5.3-4.el9.aarch64

libarchive-devel is earlier than 0:3.5.3-2.el9_0  oval:com.redhat.rhsa:tst:20225252005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252003 of type rpminfo_object
Name
libarchive-devel

libarchive-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225252003 of type rpminfo_object
Name
libarchive-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225251
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcre2 is earlier than 0:10.37-5.el9_0  oval:com.redhat.rhsa:tst:20225251001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pcre2aarch64(none)2.el910.400:10.40-2.el9199e2f91fd431d51pcre2-0:10.40-2.el9.aarch64

pcre2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225251002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pcre2aarch64(none)2.el910.400:10.40-2.el9199e2f91fd431d51pcre2-0:10.40-2.el9.aarch64

pcre2-devel is earlier than 0:10.37-5.el9_0  oval:com.redhat.rhsa:tst:20225251003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225251002 of type rpminfo_object
Name
pcre2-devel

pcre2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225251004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225251002 of type rpminfo_object
Name
pcre2-devel

pcre2-syntax is earlier than 0:10.37-5.el9_0  oval:com.redhat.rhsa:tst:20225251005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pcre2-syntaxnoarch(none)2.el910.400:10.40-2.el9199e2f91fd431d51pcre2-syntax-0:10.40-2.el9.noarch

pcre2-syntax is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225251006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pcre2-syntaxnoarch(none)2.el910.400:10.40-2.el9199e2f91fd431d51pcre2-syntax-0:10.40-2.el9.noarch

pcre2-utf16 is earlier than 0:10.37-5.el9_0  oval:com.redhat.rhsa:tst:20225251007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225251004 of type rpminfo_object
Name
pcre2-utf16

pcre2-utf16 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225251008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225251004 of type rpminfo_object
Name
pcre2-utf16

pcre2-utf32 is earlier than 0:10.37-5.el9_0  oval:com.redhat.rhsa:tst:20225251009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pcre2-utf32aarch64(none)2.el910.400:10.40-2.el9199e2f91fd431d51pcre2-utf32-0:10.40-2.el9.aarch64

pcre2-utf32 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225251010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
pcre2-utf32aarch64(none)2.el910.400:10.40-2.el9199e2f91fd431d51pcre2-utf32-0:10.40-2.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225250
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

libxml2 is earlier than 0:2.9.13-1.el9_0.1  oval:com.redhat.rhsa:tst:20225250001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51libxml2-0:2.9.13-5.el9_3.aarch64

libxml2-devel is earlier than 0:2.9.13-1.el9_0.1  oval:com.redhat.rhsa:tst:20225250003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

libxml2-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225250002 of type rpminfo_object
Name
libxml2-devel

python3-libxml2 is earlier than 0:2.9.13-1.el9_0.1  oval:com.redhat.rhsa:tst:20225250005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64

python3-libxml2 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225250006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-libxml2aarch64(none)5.el9_32.9.130:2.9.13-5.el9_3199e2f91fd431d51python3-libxml2-0:2.9.13-5.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225249
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel earlier than 0:5.14.0-70.17.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20225249057  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel earlier than 0:5.14.0-70.17.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20225249058  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249031 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

bpftool is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

bpftool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
bpftoolaarch64(none)362.13.1.el9_37.2.00:7.2.0-362.13.1.el9_3199e2f91fd431d51bpftool-0:7.2.0-362.13.1.el9_3.aarch64

kernel is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel-abi-stablelists is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-abi-stablelists is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249003 of type rpminfo_object
Name
kernel-abi-stablelists

kernel-core is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-coreaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.13.1.el9_3.aarch64
kernel-coreaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-core-0:5.14.0-362.8.1.el9_3.aarch64

kernel-cross-headers is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-cross-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249005 of type rpminfo_object
Name
kernel-cross-headers

kernel-debug is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249006 of type rpminfo_object
Name
kernel-debug

kernel-debug-core is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249007 of type rpminfo_object
Name
kernel-debug-core

kernel-debug-devel is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249008 of type rpminfo_object
Name
kernel-debug-devel

kernel-debug-devel-matched is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249009 of type rpminfo_object
Name
kernel-debug-devel-matched

kernel-debug-modules is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249010 of type rpminfo_object
Name
kernel-debug-modules

kernel-debug-modules-extra is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249011 of type rpminfo_object
Name
kernel-debug-modules-extra

kernel-devel is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249012 of type rpminfo_object
Name
kernel-devel

kernel-devel-matched is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249013 of type rpminfo_object
Name
kernel-devel-matched

kernel-doc is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249014 of type rpminfo_object
Name
kernel-doc

kernel-headers is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-headers is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249015 of type rpminfo_object
Name
kernel-headers

kernel-modules is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249031  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249032  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-modulesaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.13.1.el9_3.aarch64
kernel-modulesaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-modules-0:5.14.0-362.8.1.el9_3.aarch64

kernel-modules-extra is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249017 of type rpminfo_object
Name
kernel-modules-extra

kernel-tools is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249035  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249036  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-toolsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249037  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernel-tools-libsaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-tools-libs-0:5.14.0-362.13.1.el9_3.aarch64

kernel-tools-libs-devel is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249020 of type rpminfo_object
Name
kernel-tools-libs-devel

kernel-zfcpdump is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249021 of type rpminfo_object
Name
kernel-zfcpdump

kernel-zfcpdump-core is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249022 of type rpminfo_object
Name
kernel-zfcpdump-core

kernel-zfcpdump-devel is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249023 of type rpminfo_object
Name
kernel-zfcpdump-devel

kernel-zfcpdump-devel-matched is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249047  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-devel-matched is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249048  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249024 of type rpminfo_object
Name
kernel-zfcpdump-devel-matched

kernel-zfcpdump-modules is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249049  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249050  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249025 of type rpminfo_object
Name
kernel-zfcpdump-modules

kernel-zfcpdump-modules-extra is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249051  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249052  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249026 of type rpminfo_object
Name
kernel-zfcpdump-modules-extra

perf is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249053  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249054  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225249027 of type rpminfo_object
Name
perf

python3-perf is earlier than 0:5.14.0-70.17.1.el9_0  oval:com.redhat.rhsa:tst:20225249055  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64

python3-perf is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225249056  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
python3-perfaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51python3-perf-0:5.14.0-362.13.1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225245
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

curl is earlier than 0:7.76.1-14.el9_0.4  oval:com.redhat.rhsa:tst:20225245001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
curlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51curl-0:7.76.1-26.el9_3.2.aarch64

curl-minimal is earlier than 0:7.76.1-14.el9_0.4  oval:com.redhat.rhsa:tst:20225245003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

curl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245002 of type rpminfo_object
Name
curl-minimal

libcurl is earlier than 0:7.76.1-14.el9_0.4  oval:com.redhat.rhsa:tst:20225245005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
libcurlaarch64(none)26.el9_3.27.76.10:7.76.1-26.el9_3.2199e2f91fd431d51libcurl-0:7.76.1-26.el9_3.2.aarch64

libcurl-devel is earlier than 0:7.76.1-14.el9_0.4  oval:com.redhat.rhsa:tst:20225245007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245004 of type rpminfo_object
Name
libcurl-devel

libcurl-minimal is earlier than 0:7.76.1-14.el9_0.4  oval:com.redhat.rhsa:tst:20225245009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal

libcurl-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225245010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225245005 of type rpminfo_object
Name
libcurl-minimal
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225244
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

expat is earlier than 0:2.2.10-12.el9_0.2  oval:com.redhat.rhsa:tst:20225244001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
expataarch64(none)1.el92.5.00:2.5.0-1.el9199e2f91fd431d51expat-0:2.5.0-1.el9.aarch64

expat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225244002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
expataarch64(none)1.el92.5.00:2.5.0-1.el9199e2f91fd431d51expat-0:2.5.0-1.el9.aarch64

expat-devel is earlier than 0:2.2.10-12.el9_0.2  oval:com.redhat.rhsa:tst:20225244003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225244002 of type rpminfo_object
Name
expat-devel

expat-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225244004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225244002 of type rpminfo_object
Name
expat-devel
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225242
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

vim-X11 is earlier than 2:8.2.2637-16.el9_0.2  oval:com.redhat.rhsa:tst:20225242001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225242001 of type rpminfo_object
Name
vim-X11

vim-X11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225242001 of type rpminfo_object
Name
vim-X11

vim-common is earlier than 2:8.2.2637-16.el9_0.2  oval:com.redhat.rhsa:tst:20225242003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-commonaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-common-2:8.2.2637-20.el9_1.aarch64

vim-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-commonaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-common-2:8.2.2637-20.el9_1.aarch64

vim-enhanced is earlier than 2:8.2.2637-16.el9_0.2  oval:com.redhat.rhsa:tst:20225242005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-enhancedaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-enhanced-2:8.2.2637-20.el9_1.aarch64

vim-enhanced is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-enhancedaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-enhanced-2:8.2.2637-20.el9_1.aarch64

vim-filesystem is earlier than 2:8.2.2637-16.el9_0.2  oval:com.redhat.rhsa:tst:20225242007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-filesystemnoarch220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-filesystem-2:8.2.2637-20.el9_1.noarch

vim-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-filesystemnoarch220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-filesystem-2:8.2.2637-20.el9_1.noarch

vim-minimal is earlier than 2:8.2.2637-16.el9_0.2  oval:com.redhat.rhsa:tst:20225242009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-minimalaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-minimal-2:8.2.2637-20.el9_1.aarch64

vim-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225242010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
vim-minimalaarch64220.el9_18.2.26372:8.2.2637-20.el9_1199e2f91fd431d51vim-minimal-2:8.2.2637-20.el9_1.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225214
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

kernel version 0:5.14.0-70.13.1.el9_0 is currently running  oval:com.redhat.rhsa:tst:20225214006  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

kernel version 0:5.14.0-70.13.1.el9_0 is set to boot up on next boot  oval:com.redhat.rhsa:tst:20225214007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214005 of type textfilecontent54_object
FilepathPatternInstance
38/boot/grub2/grub.cfg^menuentry.*

kernel version equals 0:5.14.0-70.13.1.el9_0  oval:com.redhat.rhsa:tst:20225214001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kernel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
kernelaarch64(none)362.13.1.el9_35.14.00:5.14.0-362.13.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.13.1.el9_3.aarch64
kernelaarch64(none)362.8.1.el9_35.14.00:5.14.0-362.8.1.el9_3199e2f91fd431d51kernel-0:5.14.0-362.8.1.el9_3.aarch64

kpatch-patch not installed for 0:5.14.0-70.13.1.el9_0  oval:com.redhat.rhsa:tst:20225214003  true

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kpatch-patch-5_14_0-70_13_1 is earlier than 0:1-1.el9_0  oval:com.redhat.rhsa:tst:20225214004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1

kpatch-patch-5_14_0-70_13_1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225214005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225214002 of type rpminfo_object
Name
kpatch-patch-5_14_0-70_13_1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225099
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

grub2-common is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-commonnoarch170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-common-1:2.06-70.el9_3.1.noarch

grub2-common is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-commonnoarch170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-common-1:2.06-70.el9_3.1.noarch

grub2-efi-aa64 is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-efi-aa64aarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-efi-aa64-1:2.06-70.el9_3.1.aarch64

grub2-efi-aa64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-efi-aa64aarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-efi-aa64-1:2.06-70.el9_3.1.aarch64

grub2-efi-aa64-cdboot is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099003 of type rpminfo_object
Name
grub2-efi-aa64-cdboot

grub2-efi-aa64-cdboot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099003 of type rpminfo_object
Name
grub2-efi-aa64-cdboot

grub2-efi-aa64-modules is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099004 of type rpminfo_object
Name
grub2-efi-aa64-modules

grub2-efi-aa64-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099004 of type rpminfo_object
Name
grub2-efi-aa64-modules

grub2-efi-x64 is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099005 of type rpminfo_object
Name
grub2-efi-x64

grub2-efi-x64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099005 of type rpminfo_object
Name
grub2-efi-x64

grub2-efi-x64-cdboot is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099006 of type rpminfo_object
Name
grub2-efi-x64-cdboot

grub2-efi-x64-cdboot is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099006 of type rpminfo_object
Name
grub2-efi-x64-cdboot

grub2-efi-x64-modules is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099007 of type rpminfo_object
Name
grub2-efi-x64-modules

grub2-efi-x64-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099007 of type rpminfo_object
Name
grub2-efi-x64-modules

grub2-pc is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099008 of type rpminfo_object
Name
grub2-pc

grub2-pc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099008 of type rpminfo_object
Name
grub2-pc

grub2-pc-modules is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099009 of type rpminfo_object
Name
grub2-pc-modules

grub2-pc-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099009 of type rpminfo_object
Name
grub2-pc-modules

grub2-ppc64le is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099010 of type rpminfo_object
Name
grub2-ppc64le

grub2-ppc64le is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099010 of type rpminfo_object
Name
grub2-ppc64le

grub2-ppc64le-modules is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099011 of type rpminfo_object
Name
grub2-ppc64le-modules

grub2-ppc64le-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099011 of type rpminfo_object
Name
grub2-ppc64le-modules

grub2-tools is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099023  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-toolsaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-1:2.06-70.el9_3.1.aarch64

grub2-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099024  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-toolsaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-1:2.06-70.el9_3.1.aarch64

grub2-tools-efi is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099013 of type rpminfo_object
Name
grub2-tools-efi

grub2-tools-efi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099013 of type rpminfo_object
Name
grub2-tools-efi

grub2-tools-extra is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099014 of type rpminfo_object
Name
grub2-tools-extra

grub2-tools-extra is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099014 of type rpminfo_object
Name
grub2-tools-extra

grub2-tools-minimal is earlier than 1:2.06-27.el9_0.7  oval:com.redhat.rhsa:tst:20225099029  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-tools-minimalaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-minimal-1:2.06-70.el9_3.1.aarch64

grub2-tools-minimal is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099030  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
grub2-tools-minimalaarch64170.el9_3.12.061:2.06-70.el9_3.1199e2f91fd431d51grub2-tools-minimal-1:2.06-70.el9_3.1.aarch64

shim-unsigned-x64 is earlier than 0:15.6-1.el9  oval:com.redhat.rhsa:tst:20225099031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099016 of type rpminfo_object
Name
shim-unsigned-x64

shim-unsigned-x64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099016 of type rpminfo_object
Name
shim-unsigned-x64

shim-aa64 is earlier than 0:15.6-1.el9  oval:com.redhat.rhsa:tst:20225099033  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
shim-aa64aarch64(none)1.el915.60:15.6-1.el9199e2f91fd431d51shim-aa64-0:15.6-1.el9.aarch64

shim-aa64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099034  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
shim-aa64aarch64(none)1.el915.60:15.6-1.el9199e2f91fd431d51shim-aa64-0:15.6-1.el9.aarch64

shim-x64 is earlier than 0:15.6-1.el9  oval:com.redhat.rhsa:tst:20225099035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099018 of type rpminfo_object
Name
shim-x64

shim-x64 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20225099036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20225099018 of type rpminfo_object
Name
shim-x64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20225050
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-host is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-6.0 is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.106-1.el9_0  oval:com.redhat.rhsa:tst:20225050013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.106-1.el9_0  oval:com.redhat.rhsa:tst:20225050015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.6-1.el9_0  oval:com.redhat.rhsa:tst:20225050017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.106-1.el9_0  oval:com.redhat.rhsa:tst:20225050019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

netstandard-targeting-pack-2.1 is earlier than 0:6.0.106-1.el9_0  oval:com.redhat.rhsa:tst:20225050021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224990
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

cups is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cupsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-1:2.3.3op2-21.el9.aarch64

cups is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cupsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-1:2.3.3op2-21.el9.aarch64

cups-client is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-clientaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-client-1:2.3.3op2-21.el9.aarch64

cups-client is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-clientaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-client-1:2.3.3op2-21.el9.aarch64

cups-devel is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990003 of type rpminfo_object
Name
cups-devel

cups-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990003 of type rpminfo_object
Name
cups-devel

cups-filesystem is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990007  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filesystemnoarch121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-filesystem-1:2.3.3op2-21.el9.noarch

cups-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990008  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-filesystemnoarch121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-filesystem-1:2.3.3op2-21.el9.noarch

cups-ipptool is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-ipptoolaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-ipptool-1:2.3.3op2-21.el9.aarch64

cups-ipptool is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-ipptoolaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-ipptool-1:2.3.3op2-21.el9.aarch64

cups-libs is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-libsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-libs-1:2.3.3op2-21.el9.aarch64

cups-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
cups-libsaarch64121.el92.3.3op21:2.3.3op2-21.el9199e2f91fd431d51cups-libs-1:2.3.3op2-21.el9.aarch64

cups-lpd is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990007 of type rpminfo_object
Name
cups-lpd

cups-lpd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990007 of type rpminfo_object
Name
cups-lpd

cups-printerapp is earlier than 1:2.3.3op2-13.el9_0.1  oval:com.redhat.rhsa:tst:20224990015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990008 of type rpminfo_object
Name
cups-printerapp

cups-printerapp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224990016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224990008 of type rpminfo_object
Name
cups-printerapp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224940
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

xz is earlier than 0:5.2.5-8.el9_0  oval:com.redhat.rhsa:tst:20224940001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xzaarch64(none)8.el9_05.2.50:5.2.5-8.el9_0199e2f91fd431d51xz-0:5.2.5-8.el9_0.aarch64

xz is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224940002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xzaarch64(none)8.el9_05.2.50:5.2.5-8.el9_0199e2f91fd431d51xz-0:5.2.5-8.el9_0.aarch64

xz-devel is earlier than 0:5.2.5-8.el9_0  oval:com.redhat.rhsa:tst:20224940003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224940002 of type rpminfo_object
Name
xz-devel

xz-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224940004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224940002 of type rpminfo_object
Name
xz-devel

xz-libs is earlier than 0:5.2.5-8.el9_0  oval:com.redhat.rhsa:tst:20224940005  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xz-libsaarch64(none)8.el9_05.2.50:5.2.5-8.el9_0199e2f91fd431d51xz-libs-0:5.2.5-8.el9_0.aarch64

xz-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224940006  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
xz-libsaarch64(none)8.el9_05.2.50:5.2.5-8.el9_0199e2f91fd431d51xz-libs-0:5.2.5-8.el9_0.aarch64

xz-lzma-compat is earlier than 0:5.2.5-8.el9_0  oval:com.redhat.rhsa:tst:20224940007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224940004 of type rpminfo_object
Name
xz-lzma-compat

xz-lzma-compat is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224940008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224940004 of type rpminfo_object
Name
xz-lzma-compat
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224899
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

compat-openssl11 is earlier than 1:1.1.1k-4.el9_0  oval:com.redhat.rhsa:tst:20224899001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224899001 of type rpminfo_object
Name
compat-openssl11

compat-openssl11 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224899002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224899001 of type rpminfo_object
Name
compat-openssl11
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224892
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:91.10.0-1.el9_0  oval:com.redhat.rhsa:tst:20224892001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224873
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:91.10.0-1.el9_0  oval:com.redhat.rhsa:tst:20224873001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224795
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

rsyslog is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslogaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-0:8.2102.0-117.el9.aarch64

rsyslog is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslogaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-0:8.2102.0-117.el9.aarch64

rsyslog-crypto is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795002 of type rpminfo_object
Name
rsyslog-crypto

rsyslog-crypto is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795002 of type rpminfo_object
Name
rsyslog-crypto

rsyslog-doc is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795003 of type rpminfo_object
Name
rsyslog-doc

rsyslog-doc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795003 of type rpminfo_object
Name
rsyslog-doc

rsyslog-elasticsearch is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795004 of type rpminfo_object
Name
rsyslog-elasticsearch

rsyslog-elasticsearch is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795004 of type rpminfo_object
Name
rsyslog-elasticsearch

rsyslog-gnutls is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795009  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-gnutlsaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-gnutls-0:8.2102.0-117.el9.aarch64

rsyslog-gnutls is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795010  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-gnutlsaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-gnutls-0:8.2102.0-117.el9.aarch64

rsyslog-gssapi is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795011  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-gssapiaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-gssapi-0:8.2102.0-117.el9.aarch64

rsyslog-gssapi is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795012  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-gssapiaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-gssapi-0:8.2102.0-117.el9.aarch64

rsyslog-kafka is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795007 of type rpminfo_object
Name
rsyslog-kafka

rsyslog-kafka is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795007 of type rpminfo_object
Name
rsyslog-kafka

rsyslog-logrotate is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-logrotateaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-logrotate-0:8.2102.0-117.el9.aarch64

rsyslog-logrotate is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-logrotateaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-logrotate-0:8.2102.0-117.el9.aarch64

rsyslog-mmaudit is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795009 of type rpminfo_object
Name
rsyslog-mmaudit

rsyslog-mmaudit is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795009 of type rpminfo_object
Name
rsyslog-mmaudit

rsyslog-mmfields is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795010 of type rpminfo_object
Name
rsyslog-mmfields

rsyslog-mmfields is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795010 of type rpminfo_object
Name
rsyslog-mmfields

rsyslog-mmjsonparse is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795011 of type rpminfo_object
Name
rsyslog-mmjsonparse

rsyslog-mmjsonparse is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795011 of type rpminfo_object
Name
rsyslog-mmjsonparse

rsyslog-mmkubernetes is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795012 of type rpminfo_object
Name
rsyslog-mmkubernetes

rsyslog-mmkubernetes is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795012 of type rpminfo_object
Name
rsyslog-mmkubernetes

rsyslog-mmnormalize is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795013 of type rpminfo_object
Name
rsyslog-mmnormalize

rsyslog-mmnormalize is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795013 of type rpminfo_object
Name
rsyslog-mmnormalize

rsyslog-mmsnmptrapd is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795014 of type rpminfo_object
Name
rsyslog-mmsnmptrapd

rsyslog-mmsnmptrapd is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795014 of type rpminfo_object
Name
rsyslog-mmsnmptrapd

rsyslog-mysql is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795015 of type rpminfo_object
Name
rsyslog-mysql

rsyslog-mysql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795015 of type rpminfo_object
Name
rsyslog-mysql

rsyslog-omamqp1 is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795016 of type rpminfo_object
Name
rsyslog-omamqp1

rsyslog-omamqp1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795016 of type rpminfo_object
Name
rsyslog-omamqp1

rsyslog-openssl is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795017 of type rpminfo_object
Name
rsyslog-openssl

rsyslog-openssl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795017 of type rpminfo_object
Name
rsyslog-openssl

rsyslog-pgsql is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795018 of type rpminfo_object
Name
rsyslog-pgsql

rsyslog-pgsql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795018 of type rpminfo_object
Name
rsyslog-pgsql

rsyslog-relp is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795037  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-relpaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-relp-0:8.2102.0-117.el9.aarch64

rsyslog-relp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795038  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslog-relpaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-relp-0:8.2102.0-117.el9.aarch64

rsyslog-snmp is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795020 of type rpminfo_object
Name
rsyslog-snmp

rsyslog-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795020 of type rpminfo_object
Name
rsyslog-snmp

rsyslog-udpspoof is earlier than 0:8.2102.0-101.el9_0.1  oval:com.redhat.rhsa:tst:20224795041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795021 of type rpminfo_object
Name
rsyslog-udpspoof

rsyslog-udpspoof is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224795042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224795021 of type rpminfo_object
Name
rsyslog-udpspoof
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224772
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:91.9.1-1.el9_0  oval:com.redhat.rhsa:tst:20224772001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224771
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

postgresql is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresqlaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771003  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-contrib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771004  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-contribaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-contrib-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-plperl is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plperl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771003 of type rpminfo_object
Name
postgresql-plperl

postgresql-plpython3 is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-plpython3 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771004 of type rpminfo_object
Name
postgresql-plpython3

postgresql-pltcl is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-pltcl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771005 of type rpminfo_object
Name
postgresql-pltcl

postgresql-private-devel is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771006 of type rpminfo_object
Name
postgresql-private-devel

postgresql-private-libs is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771013  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-private-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771014  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-private-libsaarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-private-libs-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771015  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771016  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
postgresql-serveraarch64(none)1.module+el9.2.0.z+20667+a2d2a8a915.50:15.5-1.module+el9.2.0.z+20667+a2d2a8a9199e2f91fd431d51postgresql-server-0:15.5-1.module+el9.2.0.z+20667+a2d2a8a9.aarch64

postgresql-server-devel is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-server-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771009 of type rpminfo_object
Name
postgresql-server-devel

postgresql-test is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-test is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771010 of type rpminfo_object
Name
postgresql-test

postgresql-upgrade is earlier than 0:13.7-1.el9_0  oval:com.redhat.rhsa:tst:20224771021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade

postgresql-upgrade is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224771022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224771011 of type rpminfo_object
Name
postgresql-upgrade
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224765
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:91.9.1-1.el9_0  oval:com.redhat.rhsa:tst:20224765001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224592
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

rsync is earlier than 0:3.2.3-9.el9_0.1  oval:com.redhat.rhsa:tst:20224592001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyncaarch64(none)19.el93.2.30:3.2.3-19.el9199e2f91fd431d51rsync-0:3.2.3-19.el9.aarch64

rsync is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224592002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyncaarch64(none)19.el93.2.30:3.2.3-19.el9199e2f91fd431d51rsync-0:3.2.3-19.el9.aarch64

rsync-daemon is earlier than 0:3.2.3-9.el9_0.1  oval:com.redhat.rhsa:tst:20224592003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224592002 of type rpminfo_object
Name
rsync-daemon

rsync-daemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224592004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224592002 of type rpminfo_object
Name
rsync-daemon
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224591
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

mod_dav_svn is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591001 of type rpminfo_object
Name
mod_dav_svn

mod_dav_svn is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591001 of type rpminfo_object
Name
mod_dav_svn

python3-subversion is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591002 of type rpminfo_object
Name
python3-subversion

python3-subversion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591002 of type rpminfo_object
Name
python3-subversion

subversion is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591003 of type rpminfo_object
Name
subversion

subversion is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591003 of type rpminfo_object
Name
subversion

subversion-devel is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591004 of type rpminfo_object
Name
subversion-devel

subversion-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591004 of type rpminfo_object
Name
subversion-devel

subversion-gnome is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591005 of type rpminfo_object
Name
subversion-gnome

subversion-gnome is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591005 of type rpminfo_object
Name
subversion-gnome

subversion-libs is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591006 of type rpminfo_object
Name
subversion-libs

subversion-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591006 of type rpminfo_object
Name
subversion-libs

subversion-perl is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591007 of type rpminfo_object
Name
subversion-perl

subversion-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591007 of type rpminfo_object
Name
subversion-perl

subversion-tools is earlier than 0:1.14.1-5.el9_0  oval:com.redhat.rhsa:tst:20224591015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591008 of type rpminfo_object
Name
subversion-tools

subversion-tools is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224591016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224591008 of type rpminfo_object
Name
subversion-tools
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224590
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

firefox is earlier than 0:91.9.0-1.el9_0  oval:com.redhat.rhsa:tst:20224590001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64

firefox is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224590002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firefoxaarch64(none)1.el9_3115.6.00:115.6.0-1.el9_3199e2f91fd431d51firefox-0:115.6.0-1.el9_3.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224589
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

thunderbird is earlier than 0:91.9.0-3.el9_0  oval:com.redhat.rhsa:tst:20224589001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird

thunderbird is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224589002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224589001 of type rpminfo_object
Name
thunderbird
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224588
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-host is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-6.0 is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.105-1.el9_0  oval:com.redhat.rhsa:tst:20224588013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.105-1.el9_0  oval:com.redhat.rhsa:tst:20224588015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.5-1.el9_0  oval:com.redhat.rhsa:tst:20224588017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.105-1.el9_0  oval:com.redhat.rhsa:tst:20224588019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

netstandard-targeting-pack-2.1 is earlier than 0:6.0.105-1.el9_0  oval:com.redhat.rhsa:tst:20224588021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224587
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pcs is earlier than 0:0.11.1-10.el9_0.1  oval:com.redhat.rhsa:tst:20224587001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587001 of type rpminfo_object
Name
pcs

pcs-snmp is earlier than 0:0.11.1-10.el9_0.1  oval:com.redhat.rhsa:tst:20224587003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp

pcs-snmp is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224587004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224587002 of type rpminfo_object
Name
pcs-snmp
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224584
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

zlib is earlier than 0:1.2.11-31.el9_0.1  oval:com.redhat.rhsa:tst:20224584001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
zlibaarch64(none)40.el91.2.110:1.2.11-40.el9199e2f91fd431d51zlib-0:1.2.11-40.el9.aarch64

zlib is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224584002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
zlibaarch64(none)40.el91.2.110:1.2.11-40.el9199e2f91fd431d51zlib-0:1.2.11-40.el9.aarch64

zlib-devel is earlier than 0:1.2.11-31.el9_0.1  oval:com.redhat.rhsa:tst:20224584003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584002 of type rpminfo_object
Name
zlib-devel

zlib-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224584004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584002 of type rpminfo_object
Name
zlib-devel

zlib-static is earlier than 0:1.2.11-31.el9_0.1  oval:com.redhat.rhsa:tst:20224584005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584003 of type rpminfo_object
Name
zlib-static

zlib-static is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224584006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20224584003 of type rpminfo_object
Name
zlib-static
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20224582
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

gzip is earlier than 0:1.10-9.el9_0  oval:com.redhat.rhsa:tst:20224582001  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gzipaarch64(none)1.el91.120:1.12-1.el9199e2f91fd431d51gzip-0:1.12-1.el9.aarch64

gzip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20224582002  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
gzipaarch64(none)1.el91.120:1.12-1.el9199e2f91fd431d51gzip-0:1.12-1.el9.aarch64
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20222137
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-1.8.0-openjdk is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137001 of type rpminfo_object
Name
java-1.8.0-openjdk

java-1.8.0-openjdk-demo is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137002 of type rpminfo_object
Name
java-1.8.0-openjdk-demo

java-1.8.0-openjdk-demo-fastdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137003 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-fastdebug

java-1.8.0-openjdk-demo-slowdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137004 of type rpminfo_object
Name
java-1.8.0-openjdk-demo-slowdebug

java-1.8.0-openjdk-devel is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137005 of type rpminfo_object
Name
java-1.8.0-openjdk-devel

java-1.8.0-openjdk-devel-fastdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137006 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-fastdebug

java-1.8.0-openjdk-devel-slowdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137007 of type rpminfo_object
Name
java-1.8.0-openjdk-devel-slowdebug

java-1.8.0-openjdk-fastdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137008 of type rpminfo_object
Name
java-1.8.0-openjdk-fastdebug

java-1.8.0-openjdk-headless is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137009 of type rpminfo_object
Name
java-1.8.0-openjdk-headless

java-1.8.0-openjdk-headless-fastdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137010 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-fastdebug

java-1.8.0-openjdk-headless-slowdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137011 of type rpminfo_object
Name
java-1.8.0-openjdk-headless-slowdebug

java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137012 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc

java-1.8.0-openjdk-javadoc-zip is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137013 of type rpminfo_object
Name
java-1.8.0-openjdk-javadoc-zip

java-1.8.0-openjdk-slowdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137014 of type rpminfo_object
Name
java-1.8.0-openjdk-slowdebug

java-1.8.0-openjdk-src is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137015 of type rpminfo_object
Name
java-1.8.0-openjdk-src

java-1.8.0-openjdk-src-fastdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137016 of type rpminfo_object
Name
java-1.8.0-openjdk-src-fastdebug

java-1.8.0-openjdk-src-slowdebug is earlier than 1:1.8.0.332.b09-1.el9_0  oval:com.redhat.rhsa:tst:20222137033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug

java-1.8.0-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20222137034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20222137017 of type rpminfo_object
Name
java-1.8.0-openjdk-src-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20221729
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-17-openjdk is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729001 of type rpminfo_object
Name
java-17-openjdk

java-17-openjdk-demo is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729002 of type rpminfo_object
Name
java-17-openjdk-demo

java-17-openjdk-demo-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729003 of type rpminfo_object
Name
java-17-openjdk-demo-fastdebug

java-17-openjdk-demo-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729004 of type rpminfo_object
Name
java-17-openjdk-demo-slowdebug

java-17-openjdk-devel is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729005 of type rpminfo_object
Name
java-17-openjdk-devel

java-17-openjdk-devel-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729006 of type rpminfo_object
Name
java-17-openjdk-devel-fastdebug

java-17-openjdk-devel-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729007 of type rpminfo_object
Name
java-17-openjdk-devel-slowdebug

java-17-openjdk-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729008 of type rpminfo_object
Name
java-17-openjdk-fastdebug

java-17-openjdk-headless is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729009 of type rpminfo_object
Name
java-17-openjdk-headless

java-17-openjdk-headless-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729010 of type rpminfo_object
Name
java-17-openjdk-headless-fastdebug

java-17-openjdk-headless-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729011 of type rpminfo_object
Name
java-17-openjdk-headless-slowdebug

java-17-openjdk-javadoc is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729012 of type rpminfo_object
Name
java-17-openjdk-javadoc

java-17-openjdk-javadoc-zip is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729013 of type rpminfo_object
Name
java-17-openjdk-javadoc-zip

java-17-openjdk-jmods is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729014 of type rpminfo_object
Name
java-17-openjdk-jmods

java-17-openjdk-jmods-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729015 of type rpminfo_object
Name
java-17-openjdk-jmods-fastdebug

java-17-openjdk-jmods-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729016 of type rpminfo_object
Name
java-17-openjdk-jmods-slowdebug

java-17-openjdk-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729017 of type rpminfo_object
Name
java-17-openjdk-slowdebug

java-17-openjdk-src is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729018 of type rpminfo_object
Name
java-17-openjdk-src

java-17-openjdk-src-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729019 of type rpminfo_object
Name
java-17-openjdk-src-fastdebug

java-17-openjdk-src-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729020 of type rpminfo_object
Name
java-17-openjdk-src-slowdebug

java-17-openjdk-static-libs is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729021 of type rpminfo_object
Name
java-17-openjdk-static-libs

java-17-openjdk-static-libs-fastdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729022 of type rpminfo_object
Name
java-17-openjdk-static-libs-fastdebug

java-17-openjdk-static-libs-slowdebug is earlier than 1:17.0.3.0.7-1.el9_0  oval:com.redhat.rhsa:tst:20221729045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug

java-17-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221729046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221729023 of type rpminfo_object
Name
java-17-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhsa:def:20221728
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

java-11-openjdk is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728001 of type rpminfo_object
Name
java-11-openjdk

java-11-openjdk-demo is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728002 of type rpminfo_object
Name
java-11-openjdk-demo

java-11-openjdk-demo-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728003 of type rpminfo_object
Name
java-11-openjdk-demo-fastdebug

java-11-openjdk-demo-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-demo-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728004 of type rpminfo_object
Name
java-11-openjdk-demo-slowdebug

java-11-openjdk-devel is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728005 of type rpminfo_object
Name
java-11-openjdk-devel

java-11-openjdk-devel-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728006 of type rpminfo_object
Name
java-11-openjdk-devel-fastdebug

java-11-openjdk-devel-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-devel-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728007 of type rpminfo_object
Name
java-11-openjdk-devel-slowdebug

java-11-openjdk-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728008 of type rpminfo_object
Name
java-11-openjdk-fastdebug

java-11-openjdk-headless is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728009 of type rpminfo_object
Name
java-11-openjdk-headless

java-11-openjdk-headless-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728010 of type rpminfo_object
Name
java-11-openjdk-headless-fastdebug

java-11-openjdk-headless-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-headless-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728011 of type rpminfo_object
Name
java-11-openjdk-headless-slowdebug

java-11-openjdk-javadoc is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728023  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728024  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728012 of type rpminfo_object
Name
java-11-openjdk-javadoc

java-11-openjdk-javadoc-zip is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728025  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-javadoc-zip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728026  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728013 of type rpminfo_object
Name
java-11-openjdk-javadoc-zip

java-11-openjdk-jmods is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728027  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728028  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728014 of type rpminfo_object
Name
java-11-openjdk-jmods

java-11-openjdk-jmods-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728029  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728030  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728015 of type rpminfo_object
Name
java-11-openjdk-jmods-fastdebug

java-11-openjdk-jmods-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728031  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-jmods-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728032  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728016 of type rpminfo_object
Name
java-11-openjdk-jmods-slowdebug

java-11-openjdk-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728033  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728034  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728017 of type rpminfo_object
Name
java-11-openjdk-slowdebug

java-11-openjdk-src is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728035  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728036  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728018 of type rpminfo_object
Name
java-11-openjdk-src

java-11-openjdk-src-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728037  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728038  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728019 of type rpminfo_object
Name
java-11-openjdk-src-fastdebug

java-11-openjdk-src-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728039  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-src-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728040  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728020 of type rpminfo_object
Name
java-11-openjdk-src-slowdebug

java-11-openjdk-static-libs is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728041  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728042  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728021 of type rpminfo_object
Name
java-11-openjdk-static-libs

java-11-openjdk-static-libs-fastdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728043  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-fastdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728044  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728022 of type rpminfo_object
Name
java-11-openjdk-static-libs-fastdebug

java-11-openjdk-static-libs-slowdebug is earlier than 1:11.0.15.0.10-1.el9_0  oval:com.redhat.rhsa:tst:20221728045  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug

java-11-openjdk-static-libs-slowdebug is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhsa:tst:20221728046  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhsa:obj:20221728023 of type rpminfo_object
Name
java-11-openjdk-static-libs-slowdebug
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhea:def:20237252
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:20 is enabled  oval:com.redhat.rhea:tst:20237252017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:20.9.0-1.module+el9.3.0.z+20633+3a660725  oval:com.redhat.rhea:tst:20237252001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:20.9.0-1.module+el9.3.0.z+20633+3a660725  oval:com.redhat.rhea:tst:20237252003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:20.9.0-1.module+el9.3.0.z+20633+3a660725  oval:com.redhat.rhea:tst:20237252005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:20.9.0-1.module+el9.3.0.z+20633+3a660725  oval:com.redhat.rhea:tst:20237252007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:3.0.1-1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20237252009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.3.0+19518+63aad52d  oval:com.redhat.rhea:tst:20237252011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.3.0+19518+63aad52d  oval:com.redhat.rhea:tst:20237252013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:10.1.0-1.20.9.0.1.module+el9.3.0.z+20633+3a660725  oval:com.redhat.rhea:tst:20237252015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhea:def:20236562
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nginx:1.22 is enabled  oval:com.redhat.rhea:tst:20236562021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562011 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nginx.module\[nginx\][\w\W]*1

nginx is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562001 of type rpminfo_object
Name
nginx

nginx is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562001 of type rpminfo_object
Name
nginx

nginx-all-modules is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562002 of type rpminfo_object
Name
nginx-all-modules

nginx-all-modules is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562002 of type rpminfo_object
Name
nginx-all-modules

nginx-core is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562003 of type rpminfo_object
Name
nginx-core

nginx-core is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562003 of type rpminfo_object
Name
nginx-core

nginx-filesystem is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562004 of type rpminfo_object
Name
nginx-filesystem

nginx-filesystem is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562004 of type rpminfo_object
Name
nginx-filesystem

nginx-mod-devel is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562005 of type rpminfo_object
Name
nginx-mod-devel

nginx-mod-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562005 of type rpminfo_object
Name
nginx-mod-devel

nginx-mod-http-image-filter is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562006 of type rpminfo_object
Name
nginx-mod-http-image-filter

nginx-mod-http-image-filter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562006 of type rpminfo_object
Name
nginx-mod-http-image-filter

nginx-mod-http-perl is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562007 of type rpminfo_object
Name
nginx-mod-http-perl

nginx-mod-http-perl is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562007 of type rpminfo_object
Name
nginx-mod-http-perl

nginx-mod-http-xslt-filter is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562008 of type rpminfo_object
Name
nginx-mod-http-xslt-filter

nginx-mod-http-xslt-filter is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562008 of type rpminfo_object
Name
nginx-mod-http-xslt-filter

nginx-mod-mail is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562009 of type rpminfo_object
Name
nginx-mod-mail

nginx-mod-mail is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562009 of type rpminfo_object
Name
nginx-mod-mail

nginx-mod-stream is earlier than 1:1.22.1-5.module+el9.3.0.z+20438+032561a0  oval:com.redhat.rhea:tst:20236562019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562010 of type rpminfo_object
Name
nginx-mod-stream

nginx-mod-stream is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20236562020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20236562010 of type rpminfo_object
Name
nginx-mod-stream
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhea:def:20236529
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Module nodejs:20 is enabled  oval:com.redhat.rhea:tst:20237252017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252009 of type textfilecontent54_object
FilepathPatternInstance
/etc/dnf/modules.d/nodejs.module\[nodejs\][\w\W]*1

nodejs is earlier than 1:20.8.1-1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20236529001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252001 of type rpminfo_object
Name
nodejs

nodejs-devel is earlier than 1:20.8.1-1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20236529003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252002 of type rpminfo_object
Name
nodejs-devel

nodejs-docs is earlier than 1:20.8.1-1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20236529005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252003 of type rpminfo_object
Name
nodejs-docs

nodejs-full-i18n is earlier than 1:20.8.1-1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20236529007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-full-i18n is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252004 of type rpminfo_object
Name
nodejs-full-i18n

nodejs-nodemon is earlier than 0:3.0.1-1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20237252009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-nodemon is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252005 of type rpminfo_object
Name
nodejs-nodemon

nodejs-packaging is earlier than 0:2021.06-4.module+el9.3.0+19518+63aad52d  oval:com.redhat.rhea:tst:20237252011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252006 of type rpminfo_object
Name
nodejs-packaging

nodejs-packaging-bundler is earlier than 0:2021.06-4.module+el9.3.0+19518+63aad52d  oval:com.redhat.rhea:tst:20237252013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

nodejs-packaging-bundler is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252007 of type rpminfo_object
Name
nodejs-packaging-bundler

npm is earlier than 1:10.1.0-1.20.8.1.1.module+el9.3.0.z+20478+84a9f781  oval:com.redhat.rhea:tst:20236529015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm

npm is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhea:tst:20237252016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhea:obj:20237252008 of type rpminfo_object
Name
npm
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhba:def:20232451
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

virtio-win is earlier than 0:1.9.33-0.el9_2  oval:com.redhat.rhba:tst:20232451001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232451001 of type rpminfo_object
Name
virtio-win

virtio-win is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232451002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232451001 of type rpminfo_object
Name
virtio-win
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhba:def:20232181
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

golang is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181001 of type rpminfo_object
Name
golang

golang-bin is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-bin is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181002 of type rpminfo_object
Name
golang-bin

golang-docs is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-docs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181003 of type rpminfo_object
Name
golang-docs

golang-misc is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-misc is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181004 of type rpminfo_object
Name
golang-misc

golang-race is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-race is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181005 of type rpminfo_object
Name
golang-race

golang-src is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-src is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181006 of type rpminfo_object
Name
golang-src

golang-tests is earlier than 0:1.19.6-2.el9_2  oval:com.redhat.rhba:tst:20232181013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests

golang-tests is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20232181014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20232181007 of type rpminfo_object
Name
golang-tests
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhba:def:20228256
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

qatzip is earlier than 0:1.0.9-1.el9  oval:com.redhat.rhba:tst:20228256001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228256001 of type rpminfo_object
Name
qatzip

qatzip is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20228256002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228256001 of type rpminfo_object
Name
qatzip

qatzip-devel is earlier than 0:1.0.9-1.el9  oval:com.redhat.rhba:tst:20228256003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228256002 of type rpminfo_object
Name
qatzip-devel

qatzip-devel is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20228256004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228256002 of type rpminfo_object
Name
qatzip-devel

qatzip-libs is earlier than 0:1.0.9-1.el9  oval:com.redhat.rhba:tst:20228256005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228256003 of type rpminfo_object
Name
qatzip-libs

qatzip-libs is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20228256006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228256003 of type rpminfo_object
Name
qatzip-libs
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhba:def:20228077
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

pki-servlet-4.0-api is earlier than 1:9.0.50-1.el9  oval:com.redhat.rhba:tst:20228077001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228077001 of type rpminfo_object
Name
pki-servlet-4.0-api

pki-servlet-4.0-api is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20228077002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228077001 of type rpminfo_object
Name
pki-servlet-4.0-api

pki-servlet-engine is earlier than 1:9.0.50-1.el9  oval:com.redhat.rhba:tst:20228077003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228077002 of type rpminfo_object
Name
pki-servlet-engine

pki-servlet-engine is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20228077004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20228077002 of type rpminfo_object
Name
pki-servlet-engine
Ensure Software Patches Installedxccdf_org.ssgproject.content_rule_security_patches_up_to_date mediumCCE-84185-8

Ensure Software Patches Installed

Rule IDxccdf_org.ssgproject.content_rule_security_patches_up_to_date
Result
pass
Multi-check ruleyes
OVAL Definition IDoval:com.redhat.rhba:def:20225749
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84185-8

References:  BP28(R08), 18, 20, 4, 5.10.4.1, APO12.01, APO12.02, APO12.03, APO12.04, BAI03.10, DSS05.01, DSS05.02, CCI-000366, CCI-001227, 4.2.3, 4.2.3.12, 4.2.3.7, 4.2.3.9, A.12.6.1, A.14.2.3, A.16.1.3, A.18.2.2, A.18.2.3, SI-2(5), SI-2(c), CM-6(a), ID.RA-1, PR.IP-12, FMT_MOF_EXT.1, Req-6.2, 6.3.3, SRG-OS-000480-GPOS-00227, RHEL-09-211015, 1.9, SV-257778r925321_rule

Description


NOTE: U.S. Defense systems are required to be patched within 30 days or sooner as local policy dictates.
Rationale
Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.
Warnings
warning  The OVAL feed of Red Hat Enterprise Linux 9 is not a XML file, which may not be understood by all scanners.
OVAL test results details

Red Hat Enterprise Linux must be installed  oval:com.redhat.rhba:tst:20225749024  false

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

Red Hat Enterprise Linux 9 is installed  oval:com.redhat.rhba:tst:20225749023  true

Following items have been found on the system:
NameEpochVersionReleaseArchFilepathExtended nameSize differsMode differsMd5 differsDevice differsLink mismatchOwnership differsGroup differsMtime differsCapabilities differConfiguration fileDocumentation fileGhost fileLicense fileReadme file
redhat-release(none)9.30.5.el9aarch64/etc/redhat-releaseredhat-release-0:9.3-0.5.el9.aarch64not performednot performednot performednot performednot performednot performednot performednot performedpassfalsefalsefalsefalsefalse

aspnetcore-runtime-6.0 is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749001  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749002  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749001 of type rpminfo_object
Name
aspnetcore-runtime-6.0

aspnetcore-targeting-pack-6.0 is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749003  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

aspnetcore-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749004  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749002 of type rpminfo_object
Name
aspnetcore-targeting-pack-6.0

dotnet-apphost-pack-6.0 is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749005  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-apphost-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749006  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749003 of type rpminfo_object
Name
dotnet-apphost-pack-6.0

dotnet-host is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749007  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-host is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749008  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749004 of type rpminfo_object
Name
dotnet-host

dotnet-hostfxr-6.0 is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749009  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-hostfxr-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749010  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749005 of type rpminfo_object
Name
dotnet-hostfxr-6.0

dotnet-runtime-6.0 is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749011  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-runtime-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749012  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749006 of type rpminfo_object
Name
dotnet-runtime-6.0

dotnet-sdk-6.0 is earlier than 0:6.0.107-1.el9_0  oval:com.redhat.rhba:tst:20225749013  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749014  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749007 of type rpminfo_object
Name
dotnet-sdk-6.0

dotnet-sdk-6.0-source-built-artifacts is earlier than 0:6.0.107-1.el9_0  oval:com.redhat.rhba:tst:20225749015  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-sdk-6.0-source-built-artifacts is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749016  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749008 of type rpminfo_object
Name
dotnet-sdk-6.0-source-built-artifacts

dotnet-targeting-pack-6.0 is earlier than 0:6.0.7-1.el9_0  oval:com.redhat.rhba:tst:20225749017  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-targeting-pack-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749018  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749009 of type rpminfo_object
Name
dotnet-targeting-pack-6.0

dotnet-templates-6.0 is earlier than 0:6.0.107-1.el9_0  oval:com.redhat.rhba:tst:20225749019  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

dotnet-templates-6.0 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749020  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749010 of type rpminfo_object
Name
dotnet-templates-6.0

netstandard-targeting-pack-2.1 is earlier than 0:6.0.107-1.el9_0  oval:com.redhat.rhba:tst:20225749021  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1

netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key  oval:com.redhat.rhba:tst:20225749022  false

No items have been found conforming to the following objects:
Object oval:com.redhat.rhba:obj:20225749011 of type rpminfo_object
Name
netstandard-targeting-pack-2.1
Prevent Login to Accounts With Empty Passwordxccdf_org.ssgproject.content_rule_no_empty_passwords highCCE-83611-4

Prevent Login to Accounts With Empty Password

Rule IDxccdf_org.ssgproject.content_rule_no_empty_passwords
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-no_empty_passwords:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-83611-4

References:  1, 12, 13, 14, 15, 16, 18, 3, 5, 5.5.2, APO01.06, DSS05.04, DSS05.05, DSS05.07, DSS05.10, DSS06.02, DSS06.03, DSS06.10, 3.1.1, 3.1.5, CCI-000366, 164.308(a)(1)(ii)(B), 164.308(a)(7)(i), 164.308(a)(7)(ii)(A), 164.310(a)(1), 164.310(a)(2)(i), 164.310(a)(2)(ii), 164.310(a)(2)(iii), 164.310(b), 164.310(c), 164.310(d)(1), 164.310(d)(2)(iii), 4.3.3.2.2, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.18.1.4, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.1, A.9.4.2, A.9.4.3, A.9.4.4, A.9.4.5, IA-5(1)(a), IA-5(c), CM-6(a), PR.AC-1, PR.AC-4, PR.AC-6, PR.AC-7, PR.DS-5, FIA_UAU.1, Req-8.2.3, 8.3.6, 8.3.9, SRG-OS-000480-GPOS-00227, RHEL-09-611025, 5.4.1, SV-258094r926269_rule

Description
If an account is configured for password authentication but does not have an assigned password, it may be possible to log into the account without authentication. Remove any instances of the nullok in /etc/pam.d/system-auth and /etc/pam.d/password-auth to prevent logins with empty passwords.
Rationale
If an account has an empty password, anyone could log in and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.
Warnings
warning  If the system relies on authselect tool to manage PAM settings, the remediation will also use authselect tool. However, if any manual modification was made in PAM files, the authselect integrity check will fail and the remediation will be aborted in order to preserve intentional changes. In this case, an informative message will be shown in the remediation report. Note that this rule is not applicable for systems running within a container. Having user with empty password within a container is not considered a risk, because it should not be possible to directly login into a container anyway.

Complexity:low
Disruption:medium
Reboot:false
Strategy:configure
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    if [ -f /usr/bin/authselect ]; then
        if ! authselect check; then
    echo "
    authselect integrity check failed. Remediation aborted!
    This remediation could not be applied because an authselect profile was not selected or the selected profile is not intact.
    It is not recommended to manually edit the PAM files when authselect tool is available.
    In cases where the default authselect profile does not cover a specific demand, a custom authselect profile is recommended."
    exit 1
    fi
    authselect enable-feature without-nullok
    
    authselect apply-changes -b
    else
        
    if grep -qP '^\s*auth\s+'"sufficient"'\s+pam_unix.so\s.*\bnullok\b' "/etc/pam.d/system-auth"; then
        sed -i -E --follow-symlinks 's/(.*auth.*'"sufficient"'.*pam_unix.so.*)\snullok=?[[:alnum:]]*(.*)/\1\2/g' "/etc/pam.d/system-auth"
    fi
        
    if grep -qP '^\s*password\s+'"sufficient"'\s+pam_unix.so\s.*\bnullok\b' "/etc/pam.d/system-auth"; then
        sed -i -E --follow-symlinks 's/(.*password.*'"sufficient"'.*pam_unix.so.*)\snullok=?[[:alnum:]]*(.*)/\1\2/g' "/etc/pam.d/system-auth"
    fi
        
    if grep -qP '^\s*auth\s+'"sufficient"'\s+pam_unix.so\s.*\bnullok\b' "/etc/pam.d/password-auth"; then
        sed -i -E --follow-symlinks 's/(.*auth.*'"sufficient"'.*pam_unix.so.*)\snullok=?[[:alnum:]]*(.*)/\1\2/g' "/etc/pam.d/password-auth"
    fi
        
    if grep -qP '^\s*password\s+'"sufficient"'\s+pam_unix.so\s.*\bnullok\b' "/etc/pam.d/password-auth"; then
        sed -i -E --follow-symlinks 's/(.*password.*'"sufficient"'.*pam_unix.so.*)\snullok=?[[:alnum:]]*(.*)/\1\2/g' "/etc/pam.d/password-auth"
    fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:false
Strategy:configure
- name: Prevent Login to Accounts With Empty Password - Check if system relies on
        authselect
      ansible.builtin.stat:
        path: /usr/bin/authselect
      register: result_authselect_present
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83611-4
      - CJIS-5.5.2
      - DISA-STIG-RHEL-09-611025
      - NIST-800-171-3.1.1
      - NIST-800-171-3.1.5
      - NIST-800-53-CM-6(a)
      - NIST-800-53-IA-5(1)(a)
      - NIST-800-53-IA-5(c)
      - PCI-DSS-Req-8.2.3
      - PCI-DSSv4-8.3.6
      - PCI-DSSv4-8.3.9
      - configure_strategy
      - high_severity
      - low_complexity
      - medium_disruption
      - no_empty_passwords
      - no_reboot_needed
    
    - name: Prevent Login to Accounts With Empty Password - Remediate using authselect
      block:
    
      - name: Prevent Login to Accounts With Empty Password - Check integrity of authselect
          current profile
        ansible.builtin.command:
          cmd: authselect check
        register: result_authselect_check_cmd
        changed_when: false
        failed_when: false
    
      - name: Prevent Login to Accounts With Empty Password - Informative message based
          on the authselect integrity check result
        ansible.builtin.assert:
          that:
          - result_authselect_check_cmd.rc == 0
          fail_msg:
          - authselect integrity check failed. Remediation aborted!
          - This remediation could not be applied because an authselect profile was not
            selected or the selected profile is not intact.
          - It is not recommended to manually edit the PAM files when authselect tool
            is available.
          - In cases where the default authselect profile does not cover a specific demand,
            a custom authselect profile is recommended.
          success_msg:
          - authselect integrity check passed
    
      - name: Prevent Login to Accounts With Empty Password - Get authselect current features
        ansible.builtin.shell:
          cmd: authselect current | tail -n+3 | awk '{ print $2 }'
        register: result_authselect_features
        changed_when: false
        when:
        - result_authselect_check_cmd is success
    
      - name: Prevent Login to Accounts With Empty Password - Ensure "without-nullok"
          feature is enabled using authselect tool
        ansible.builtin.command:
          cmd: authselect enable-feature without-nullok
        register: result_authselect_enable_feature_cmd
        when:
        - result_authselect_check_cmd is success
        - result_authselect_features.stdout is not search("without-nullok")
    
      - name: Prevent Login to Accounts With Empty Password - Ensure authselect changes
          are applied
        ansible.builtin.command:
          cmd: authselect apply-changes -b
        when:
        - result_authselect_enable_feature_cmd is not skipped
        - result_authselect_enable_feature_cmd is success
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - result_authselect_present.stat.exists
      tags:
      - CCE-83611-4
      - CJIS-5.5.2
      - DISA-STIG-RHEL-09-611025
      - NIST-800-171-3.1.1
      - NIST-800-171-3.1.5
      - NIST-800-53-CM-6(a)
      - NIST-800-53-IA-5(1)(a)
      - NIST-800-53-IA-5(c)
      - PCI-DSS-Req-8.2.3
      - PCI-DSSv4-8.3.6
      - PCI-DSSv4-8.3.9
      - configure_strategy
      - high_severity
      - low_complexity
      - medium_disruption
      - no_empty_passwords
      - no_reboot_needed
    
    - name: Prevent Login to Accounts With Empty Password - Remediate directly editing
        PAM files
      ansible.builtin.replace:
        dest: '{{ item }}'
        regexp: nullok
      loop:
      - /etc/pam.d/system-auth
      - /etc/pam.d/password-auth
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - not result_authselect_present.stat.exists
      tags:
      - CCE-83611-4
      - CJIS-5.5.2
      - DISA-STIG-RHEL-09-611025
      - NIST-800-171-3.1.1
      - NIST-800-171-3.1.5
      - NIST-800-53-CM-6(a)
      - NIST-800-53-IA-5(1)(a)
      - NIST-800-53-IA-5(c)
      - PCI-DSS-Req-8.2.3
      - PCI-DSSv4-8.3.6
      - PCI-DSSv4-8.3.9
      - configure_strategy
      - high_severity
      - low_complexity
      - medium_disruption
      - no_empty_passwords
      - no_reboot_needed
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,%23%20Generated%20by%20authselect%20on%20Sat%20Oct%2027%2014%3A59%3A36%202018%0A%23%20Do%20not%20modify%20this%20file%20manually.%0A%0Aauth%20%20%20%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_env.so%0Aauth%20%20%20%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_faildelay.so%20delay%3D2000000%0Aauth%20%20%20%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_fprintd.so%0Aauth%20%20%20%20%20%20%20%20%5Bdefault%3D1%20ignore%3Dignore%20success%3Dok%5D%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20uid%20%3E%3D%201000%20quiet%0Aauth%20%20%20%20%20%20%20%20%5Bdefault%3D1%20ignore%3Dignore%20success%3Dok%5D%20%20%20%20%20%20%20%20%20pam_localuser.so%0Aauth%20%20%20%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%20try_first_pass%0Aauth%20%20%20%20%20%20%20%20requisite%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20uid%20%3E%3D%201000%20quiet_success%0Aauth%20%20%20%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_sss.so%20forward_pass%0Aauth%20%20%20%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_deny.so%0A%0Aaccount%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%0Aaccount%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_localuser.so%0Aaccount%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20uid%20%3C%201000%20quiet%0Aaccount%20%20%20%20%20%5Bdefault%3Dbad%20success%3Dok%20user_unknown%3Dignore%5D%20pam_sss.so%0Aaccount%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_permit.so%0A%0Apassword%20%20%20%20requisite%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_pwquality.so%20try_first_pass%20local_users_only%0Apassword%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%20sha512%20shadow%20try_first_pass%20use_authtok%0Apassword%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_sss.so%20use_authtok%0Apassword%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_deny.so%0A%0Asession%20%20%20%20%20optional%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_keyinit.so%20revoke%0Asession%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_limits.so%0A-session%20%20%20%20optional%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_systemd.so%0Asession%20%20%20%20%20%5Bsuccess%3D1%20default%3Dignore%5D%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20service%20in%20crond%20quiet%20use_uid%0Asession%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%0Asession%20%20%20%20%20optional%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_sss.so%0A
            mode: 0644
            path: /etc/pam.d/password-auth
            overwrite: true
          - contents:
              source: data:,%23%20Generated%20by%20authselect%20on%20Sat%20Oct%2027%2014%3A59%3A36%202018%0A%23%20Do%20not%20modify%20this%20file%20manually.%0A%0Aauth%20%20%20%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_env.so%0Aauth%20%20%20%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_faildelay.so%20delay%3D2000000%0Aauth%20%20%20%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_fprintd.so%0Aauth%20%20%20%20%20%20%20%20%5Bdefault%3D1%20ignore%3Dignore%20success%3Dok%5D%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20uid%20%3E%3D%201000%20quiet%0Aauth%20%20%20%20%20%20%20%20%5Bdefault%3D1%20ignore%3Dignore%20success%3Dok%5D%20%20%20%20%20%20%20%20%20pam_localuser.so%0Aauth%20%20%20%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%20try_first_pass%0Aauth%20%20%20%20%20%20%20%20requisite%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20uid%20%3E%3D%201000%20quiet_success%0Aauth%20%20%20%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_sss.so%20forward_pass%0Aauth%20%20%20%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_deny.so%0A%0Aaccount%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%0Aaccount%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_localuser.so%0Aaccount%20%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20uid%20%3C%201000%20quiet%0Aaccount%20%20%20%20%20%5Bdefault%3Dbad%20success%3Dok%20user_unknown%3Dignore%5D%20pam_sss.so%0Aaccount%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_permit.so%0A%0Apassword%20%20%20%20requisite%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_pwquality.so%20try_first_pass%20local_users_only%0Apassword%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%20sha512%20shadow%20try_first_pass%20use_authtok%0Apassword%20%20%20%20sufficient%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_sss.so%20use_authtok%0Apassword%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_deny.so%0A%0Asession%20%20%20%20%20optional%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_keyinit.so%20revoke%0Asession%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_limits.so%0A-session%20%20%20%20optional%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_systemd.so%0Asession%20%20%20%20%20%5Bsuccess%3D1%20default%3Dignore%5D%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_succeed_if.so%20service%20in%20crond%20quiet%20use_uid%0Asession%20%20%20%20%20required%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_unix.so%0Asession%20%20%20%20%20optional%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20pam_sss.so%0A
            mode: 0644
            path: /etc/pam.d/system-auth
            overwrite: true
    
OVAL test results details

make sure nullok is not used in /etc/pam.d/system-auth  oval:ssg-test_no_empty_passwords:tst:1  false

Following items have been found on the system:
PathContent
/etc/pam.d/system-authauth required pam_env.so auth sufficient pam_unix.so try_first_pass nullok auth required pam_deny.so account required pam_unix.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow
/etc/pam.d/password-authauth required pam_env.so auth sufficient pam_unix.so try_first_pass nullok auth required pam_deny.so account required pam_unix.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow
Verify Only Root Has UID 0xccdf_org.ssgproject.content_rule_accounts_no_uid_except_zero highCCE-83624-7

Verify Only Root Has UID 0

Rule IDxccdf_org.ssgproject.content_rule_accounts_no_uid_except_zero
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-accounts_no_uid_except_zero:def:1
Time2024-02-25T14:39:36+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-83624-7

References:  1, 12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.05, DSS05.07, DSS05.10, DSS06.02, DSS06.03, DSS06.10, 3.1.1, 3.1.5, CCI-000366, 4.3.3.2.2, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, SR 1.1, SR 1.10, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.18.1.4, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.1, A.9.4.2, A.9.4.3, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.2.3, CIP-004-6 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.2, CIP-007-3 R5.2, CIP-007-3 R5.3.1, CIP-007-3 R5.3.2, CIP-007-3 R5.3.3, IA-2, AC-6(5), IA-4(b), PR.AC-1, PR.AC-4, PR.AC-6, PR.AC-7, PR.DS-5, Req-8.5, 8.2.2, 8.2.3, SRG-OS-000480-GPOS-00227, RHEL-09-411100, 6.2.9, SV-258059r926164_rule

Description
If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or have their UID changed.
If the account is associated with system commands or applications the UID should be changed to one greater than "0" but less than "1000." Otherwise assign a UID greater than "1000" that has not already been assigned.
Rationale
An account has root authority if it has a UID of 0. Multiple accounts with a UID of 0 afford more opportunity for potential intruders to guess a password for a privileged account. Proper configuration of sudo is recommended to afford multiple system administrators access to root privileges in an accountable manner.
OVAL test results details

test that there are no accounts with UID 0 except root in the /etc/passwd file  oval:ssg-test_accounts_no_uid_except_root:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_accounts_no_uid_except_root:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/passwd^(?!root:)[^:]*:[^:]*:01
Enable authselectxccdf_org.ssgproject.content_rule_enable_authselect mediumCCE-89732-2

Enable authselect

Rule IDxccdf_org.ssgproject.content_rule_enable_authselect
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-enable_authselect:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-89732-2

References:  BP28(R31), A.30.SEC-RHEL1, CCI-000213, 164.308(a)(1)(ii)(B), 164.308(a)(7)(i), 164.308(a)(7)(ii)(A), 164.310(a)(1), 164.310(a)(2)(i), 164.310(a)(2)(ii), 164.310(a)(2)(iii), 164.310(b), 164.310(c), 164.310(d)(1), 164.310(d)(2)(iii), AC-3, FIA_UAU.1, FIA_AFL.1, SRG-OS-000480-GPOS-00227, 5.4.1

Description
Configure user authentication setup to use the authselect tool. If authselect profile is selected, the rule will enable the sssd profile.
Rationale
Authselect is a successor to authconfig. It is a tool to select system authentication and identity sources from a list of supported profiles instead of letting the administrator manually build the PAM stack. That way, it avoids potential breakage of configuration, as it ships several tested profiles that are well tested and supported to solve different use-cases.
Warnings
warning  If the sudo authselect select command returns an error informing that the chosen profile cannot be selected, it is probably because PAM files have already been modified by the administrator. If this is the case, in order to not overwrite the desired changes made by the administrator, the current PAM settings should be investigated before forcing the selection of the chosen authselect profile.


    var_authselect_profile='sssd'
    
    
    authselect select "$var_authselect_profile"
    
    if test "$?" -ne 0; then
        if rpm --quiet --verify pam; then
            authselect select --force "$var_authselect_profile"
        else
        echo "Files in the 'pam' package have been altered, so the authselect configuration won't be forced" >&2
        fi
    fi
    

Complexity:low
Disruption:medium
Reboot:false
Strategy:configure
- name: XCCDF Value var_authselect_profile # promote to variable
      set_fact:
        var_authselect_profile: !!str sssd
      tags:
        - always
    
    - name: Enable authselect - Select authselect profile
      ansible.builtin.command:
        cmd: authselect select "{{ var_authselect_profile }}"
      register: result_authselect_select
      failed_when: false
      tags:
      - CCE-89732-2
      - NIST-800-53-AC-3
      - configure_strategy
      - enable_authselect
      - low_complexity
      - medium_disruption
      - medium_severity
      - no_reboot_needed
    
    - name: Enable authselect - Verify if PAM has been altered
      ansible.builtin.command:
        cmd: rpm -qV pam
      register: result_altered_authselect
      failed_when: false
      when: result_authselect_select.rc != 0
      tags:
      - CCE-89732-2
      - NIST-800-53-AC-3
      - configure_strategy
      - enable_authselect
      - low_complexity
      - medium_disruption
      - medium_severity
      - no_reboot_needed
    
    - name: Enable authselect - Informative message based on the authselect integrity
        check
      ansible.builtin.assert:
        that:
        - result_altered_authselect is skipped or result_altered_authselect.rc == 0
        fail_msg:
        - Files in the 'pam' package have been altered, so the authselect configuration
          won't be forced.
      tags:
      - CCE-89732-2
      - NIST-800-53-AC-3
      - configure_strategy
      - enable_authselect
      - low_complexity
      - medium_disruption
      - medium_severity
      - no_reboot_needed
    
    - name: Enable authselect - Force authselect profile select
      ansible.builtin.command:
        cmd: authselect select --force "{{ var_authselect_profile }}"
      when:
      - result_authselect_select.rc != 0
      - result_altered_authselect is skipped or result_altered_authselect.rc == 0
      tags:
      - CCE-89732-2
      - NIST-800-53-AC-3
      - configure_strategy
      - enable_authselect
      - low_complexity
      - medium_disruption
      - medium_severity
      - no_reboot_needed
    
OVAL test results details

The 'fingerprint-auth' PAM config is a symlink to its authselect counterpart  oval:ssg-test_pam_fingerprint_symlinked_to_authselect:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_pam_fingerprint_symlinked_to_authselect:obj:1 of type symlink_object
Filepath
/etc/pam.d/fingerprint-auth

The 'password-auth' PAM config is a symlink to its authselect counterpart  oval:ssg-test_pam_password_symlinked_to_authselect:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_pam_password_symlinked_to_authselect:obj:1 of type symlink_object
Filepath
/etc/pam.d/password-auth

The 'postlogin' PAM config is a symlink to its authselect counterpart  oval:ssg-test_pam_postlogin_symlinked_to_authselect:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_pam_postlogin_symlinked_to_authselect:obj:1 of type symlink_object
Filepath
/etc/pam.d/postlogin

The 'smartcard-auth' PAM config is a symlink to its authselect counterpart  oval:ssg-test_pam_smartcard_symlinked_to_authselect:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_pam_smartcard_symlinked_to_authselect:obj:1 of type symlink_object
Filepath
/etc/pam.d/smartcard-auth

The 'system-auth' PAM config is a symlink to its authselect counterpart  oval:ssg-test_pam_system_symlinked_to_authselect:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_pam_system_symlinked_to_authselect:obj:1 of type symlink_object
Filepath
/etc/pam.d/system-auth
Record Events that Modify the System's Discretionary Access Controls - chmodxccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod mediumCCE-83830-0

Record Events that Modify the System's Discretionary Access Controls - chmod

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_dac_modification_chmod:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83830-0

References:  BP28(R73), A.3.SEC-RHEL7, 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000126, CCI-000130, CCI-000135, CCI-000169, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, FAU_GEN.1.1.c, Req-10.5.5, 10.3.4, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000471-GPOS-00215, SRG-OS-000064-GPOS-00033, SRG-OS-000466-GPOS-00210, SRG-OS-000458-GPOS-00203, RHEL-09-654015, 4.1.3.9, SV-258177r926518_rule

Description
At a minimum, the audit system should collect file permission changes for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F arch=b32 -S chmod -F auid>=1000 -F auid!=unset -F key=perm_mod
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S chmod -F auid>=1000 -F auid!=unset -F key=perm_mod
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-a always,exit -F arch=b32 -S chmod -F auid>=1000 -F auid!=unset -F key=perm_mod
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S chmod -F auid>=1000 -F auid!=unset -F key=perm_mod
Rationale
The changing of file permissions could indicate that a user is attempting to gain access to information that would otherwise be disallowed. Auditing DAC modifications can facilitate the identification of patterns of abuse among both authorized and unauthorized users.
Warnings
warning  Note that these rules can be configured in a number of ways while still achieving the desired effect. Here the system calls have been placed independent of other system calls. Grouping these system calls with others as identifying earlier in this guide is more efficient.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # First perform the remediation of the syscall rule
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
        OTHER_FILTERS=""
        AUID_FILTERS="-F auid>=1000 -F auid!=unset"
        SYSCALL="chmod"
        KEY="perm_mod"
        SYSCALL_GROUPING="chmod fchmod fchmodat"
    
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83830-0
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654015
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chmod
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Set architecture for audit chmod tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83830-0
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654015
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chmod
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for chmod for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chmod
          syscall_grouping:
          - chmod
          - fchmod
          - fchmodat
    
      - name: Check existence of chmod in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/perm_mod.rules
        set_fact: audit_file="/etc/audit/rules.d/perm_mod.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k
            |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chmod
          syscall_grouping:
          - chmod
          - fchmod
          - fchmodat
    
      - name: Check existence of chmod in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k |-F
            key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83830-0
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654015
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chmod
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for chmod for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chmod
          syscall_grouping:
          - chmod
          - fchmod
          - fchmodat
    
      - name: Check existence of chmod in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/perm_mod.rules
        set_fact: audit_file="/etc/audit/rules.d/perm_mod.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k
            |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chmod
          syscall_grouping:
          - chmod
          - fchmod
          - fchmodat
    
      - name: Check existence of chmod in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k |-F
            key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83830-0
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654015
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chmod
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit chmod  oval:ssg-test_32bit_ardm_chmod_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_chmod_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+chmod[\s]+|([\s]+|[,])chmod([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit chmod  oval:ssg-test_64bit_ardm_chmod_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_chmod_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+chmod[\s]+|([\s]+|[,])chmod([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit chmod  oval:ssg-test_32bit_ardm_chmod_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_chmod_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+chmod[\s]+|([\s]+|[,])chmod([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit chmod  oval:ssg-test_64bit_ardm_chmod_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_chmod_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+chmod[\s]+|([\s]+|[,])chmod([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Events that Modify the System's Discretionary Access Controls - chownxccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown mediumCCE-83812-8

Record Events that Modify the System's Discretionary Access Controls - chown

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_dac_modification_chown:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83812-8

References:  BP28(R73), A.3.SEC-RHEL7, 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000126, CCI-000130, CCI-000135, CCI-000169, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, FAU_GEN.1.1.c, Req-10.5.5, 10.3.4, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000471-GPOS-00215, SRG-OS-000064-GPOS-00033, SRG-OS-000466-GPOS-00210, SRG-OS-000458-GPOS-00203, SRG-OS-000474-GPOS-00219, RHEL-09-654020, 4.1.3.9, SV-258178r926521_rule

Description
At a minimum, the audit system should collect file permission changes for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F arch=b32 -S chown -F auid>=1000 -F auid!=unset -F key=perm_mod
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=unset -F key=perm_mod
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-a always,exit -F arch=b32 -S chown -F auid>=1000 -F auid!=unset -F key=perm_mod
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S chown -F auid>=1000 -F auid!=unset -F key=perm_mod
Rationale
The changing of file permissions could indicate that a user is attempting to gain access to information that would otherwise be disallowed. Auditing DAC modifications can facilitate the identification of patterns of abuse among both authorized and unauthorized users.
Warnings
warning  Note that these rules can be configured in a number of ways while still achieving the desired effect. Here the system calls have been placed independent of other system calls. Grouping these system calls with others as identifying earlier in this guide is more efficient.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # First perform the remediation of the syscall rule
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
        OTHER_FILTERS=""
        AUID_FILTERS="-F auid>=1000 -F auid!=unset"
        SYSCALL="chown"
        KEY="perm_mod"
        SYSCALL_GROUPING="chown fchown fchownat lchown"
    
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83812-8
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654020
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chown
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Set architecture for audit chown tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83812-8
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654020
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chown
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for chown for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chown
          syscall_grouping:
          - chown
          - fchown
          - fchownat
          - lchown
    
      - name: Check existence of chown in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/perm_mod.rules
        set_fact: audit_file="/etc/audit/rules.d/perm_mod.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k
            |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chown
          syscall_grouping:
          - chown
          - fchown
          - fchownat
          - lchown
    
      - name: Check existence of chown in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k |-F
            key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83812-8
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654020
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chown
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for chown for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chown
          syscall_grouping:
          - chown
          - fchown
          - fchownat
          - lchown
    
      - name: Check existence of chown in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/perm_mod.rules
        set_fact: audit_file="/etc/audit/rules.d/perm_mod.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k
            |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - chown
          syscall_grouping:
          - chown
          - fchown
          - fchownat
          - lchown
    
      - name: Check existence of chown in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k |-F
            key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=perm_mod
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83812-8
      - CJIS-5.4.1.1
      - DISA-STIG-RHEL-09-654020
      - NIST-800-171-3.1.7
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_dac_modification_chown
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit chown  oval:ssg-test_32bit_ardm_chown_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_chown_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+chown[\s]+|([\s]+|[,])chown([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit chown  oval:ssg-test_64bit_ardm_chown_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_chown_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+chown[\s]+|([\s]+|[,])chown([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit chown  oval:ssg-test_32bit_ardm_chown_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_chown_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+chown[\s]+|([\s]+|[,])chown([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit chown  oval:ssg-test_64bit_ardm_chown_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_chown_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+chown[\s]+|([\s]+|[,])chown([\s]+|[,])))(?:.*-F\s+auid>=1000[\s]+)(?:.*-F\s+auid!=(?:4294967295|unset)[\s]+).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Any Attempts to Run chconxccdf_org.ssgproject.content_rule_audit_rules_execution_chcon mediumCCE-83748-4

Record Any Attempts to Run chcon

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_execution_chcon
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_execution_chcon:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83748-4

References:  1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 7, 8, 9, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, BAI03.05, DSS01.03, DSS03.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000130, CCI-000135, CCI-000169, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 6.1, SR 6.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.14.2.7, A.15.2.1, A.15.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.PT-1, FAU_GEN.1.1.c, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000468-GPOS-00212, SRG-OS-000471-GPOS-00215, SRG-OS-000463-GPOS-00207, SRG-OS-000465-GPOS-00209, RHEL-09-654045, 4.1.3.15, SV-258183r926536_rule

Description
At a minimum, the audit system should collect any execution attempt of the chcon command for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file:
-a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
Rationale
Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider and advanced persistent threats.

Privileged programs are subject to escalation-of-privilege attacks, which attempt to subvert their normal role of providing some necessary but limited capability. As such, motivation exists to monitor these programs for unusual activity.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    ACTION_ARCH_FILTERS="-a always,exit"
    OTHER_FILTERS="-F path=/usr/bin/chcon -F perm=x"
    AUID_FILTERS="-F auid>=1000 -F auid!=unset"
    SYSCALL=""
    KEY="privileged"
    SYSCALL_GROUPING=""
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83748-4
      - DISA-STIG-RHEL-09-654045
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_chcon
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for /usr/bin/chcon
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/bin/chcon -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/privileged.rules
        set_fact: audit_file="/etc/audit/rules.d/privileged.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F path=/usr/bin/chcon -F perm=x -F
            auid>=1000 -F auid!=unset (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/bin/chcon -F perm=x
            -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/bin/chcon -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_found | join("|") }}))\b)((?:(
            -S |,)\w+)+)( -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F auid!=unset
            (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/bin/chcon -F perm=x
            -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83748-4
      - DISA-STIG-RHEL-09-654045
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_chcon
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules chcon  oval:ssg-test_audit_rules_execution_chcon_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_chcon_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/bin\/chcon(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl chcon  oval:ssg-test_audit_rules_execution_chcon_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_chcon_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/bin\/chcon(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Any Attempts to Run restoreconxccdf_org.ssgproject.content_rule_audit_rules_execution_restorecon mediumCCE-83749-2

Record Any Attempts to Run restorecon

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_execution_restorecon
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_execution_restorecon:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83749-2

References:  1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 7, 8, 9, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, BAI03.05, DSS01.03, DSS03.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 6.1, SR 6.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.14.2.7, A.15.2.1, A.15.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.PT-1, FAU_GEN.1.1.c, SRG-OS-000392-GPOS-00172, SRG-OS-000463-GPOS-00207, SRG-OS-000465-GPOS-00209

Description
At a minimum, the audit system should collect any execution attempt of the restorecon command for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F path=/usr/sbin/restorecon -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file:
-a always,exit -F path=/usr/sbin/restorecon -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
Rationale
Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider and advanced persistent threats.

Privileged programs are subject to escalation-of-privilege attacks, which attempt to subvert their normal role of providing some necessary but limited capability. As such, motivation exists to monitor these programs for unusual activity.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    ACTION_ARCH_FILTERS="-a always,exit"
    OTHER_FILTERS="-F path=/usr/sbin/restorecon -F perm=x"
    AUID_FILTERS="-F auid>=1000 -F auid!=unset"
    SYSCALL=""
    KEY="privileged"
    SYSCALL_GROUPING=""
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83749-2
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_restorecon
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for /usr/sbin/restorecon
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/restorecon -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/privileged.rules
        set_fact: audit_file="/etc/audit/rules.d/privileged.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F path=/usr/sbin/restorecon -F perm=x
            -F auid>=1000 -F auid!=unset (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/restorecon
            -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/restorecon -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_found | join("|") }}))\b)((?:(
            -S |,)\w+)+)( -F path=/usr/sbin/restorecon -F perm=x -F auid>=1000 -F auid!=unset
            (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/restorecon
            -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83749-2
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_restorecon
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules restorecon  oval:ssg-test_audit_rules_execution_restorecon_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_restorecon_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/restorecon(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl restorecon  oval:ssg-test_audit_rules_execution_restorecon_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_restorecon_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/restorecon(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Any Attempts to Run semanagexccdf_org.ssgproject.content_rule_audit_rules_execution_semanage mediumCCE-83750-0

Record Any Attempts to Run semanage

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_execution_semanage
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_execution_semanage:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83750-0

References:  1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 7, 8, 9, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, BAI03.05, DSS01.03, DSS03.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000169, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 6.1, SR 6.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.14.2.7, A.15.2.1, A.15.2.2, CIP-004-6 R2.2.2, CIP-004-6 R2.2.3, CIP-007-3 R.1.3, CIP-007-3 R5, CIP-007-3 R5.1.1, CIP-007-3 R5.1.3, CIP-007-3 R5.2.1, CIP-007-3 R5.2.3, AC-2(4), AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.PT-1, FAU_GEN.1.1.c, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000471-GPOS-00215, SRG-OS-000463-GPOS-00207, SRG-OS-000465-GPOS-00209, RHEL-09-654050, SV-258184r926539_rule

Description
At a minimum, the audit system should collect any execution attempt of the semanage command for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file:
-a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
Rationale
Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider and advanced persistent threats.

Privileged programs are subject to escalation-of-privilege attacks, which attempt to subvert their normal role of providing some necessary but limited capability. As such, motivation exists to monitor these programs for unusual activity.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    ACTION_ARCH_FILTERS="-a always,exit"
    OTHER_FILTERS="-F path=/usr/sbin/semanage -F perm=x"
    AUID_FILTERS="-F auid>=1000 -F auid!=unset"
    SYSCALL=""
    KEY="privileged"
    SYSCALL_GROUPING=""
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83750-0
      - DISA-STIG-RHEL-09-654050
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(4)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_semanage
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for /usr/sbin/semanage
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/privileged.rules
        set_fact: audit_file="/etc/audit/rules.d/privileged.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F path=/usr/sbin/semanage -F perm=x
            -F auid>=1000 -F auid!=unset (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/semanage -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_found | join("|") }}))\b)((?:(
            -S |,)\w+)+)( -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F auid!=unset
            (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/semanage -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83750-0
      - DISA-STIG-RHEL-09-654050
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(4)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_semanage
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules semanage  oval:ssg-test_audit_rules_execution_semanage_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_semanage_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/semanage(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl semanage  oval:ssg-test_audit_rules_execution_semanage_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_semanage_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/semanage(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Any Attempts to Run setfilesxccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles mediumCCE-83736-9

Record Any Attempts to Run setfiles

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_execution_setfiles:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83736-9

References:  CCI-000169, CCI-000172, CCI-002884, AU-2(d), AU-12(c), AC-6(9), CM-6(a), SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000471-GPOS-00215, SRG-OS-000463-GPOS-00207, SRG-OS-000465-GPOS-00209, RHEL-09-654055, SV-258185r926542_rule

Description
At a minimum, the audit system should collect any execution attempt of the setfiles command for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file:
-a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
Rationale
Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider and advanced persistent threats.

Privileged programs are subject to escalation-of-privilege attacks, which attempt to subvert their normal role of providing some necessary but limited capability. As such, motivation exists to monitor these programs for unusual activity.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    ACTION_ARCH_FILTERS="-a always,exit"
    OTHER_FILTERS="-F path=/usr/sbin/setfiles -F perm=x"
    AUID_FILTERS="-F auid>=1000 -F auid!=unset"
    SYSCALL=""
    KEY="privileged"
    SYSCALL_GROUPING=""
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83736-9
      - DISA-STIG-RHEL-09-654055
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_setfiles
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for /usr/sbin/setfiles
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/privileged.rules
        set_fact: audit_file="/etc/audit/rules.d/privileged.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F path=/usr/sbin/setfiles -F perm=x
            -F auid>=1000 -F auid!=unset (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/setfiles -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_found | join("|") }}))\b)((?:(
            -S |,)\w+)+)( -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F auid!=unset
            (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/setfiles -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83736-9
      - DISA-STIG-RHEL-09-654055
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_setfiles
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules setfiles  oval:ssg-test_audit_rules_execution_setfiles_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_setfiles_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/setfiles(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl setfiles  oval:ssg-test_audit_rules_execution_setfiles_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_setfiles_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/setfiles(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Any Attempts to Run setseboolxccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool mediumCCE-83751-8

Record Any Attempts to Run setsebool

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_execution_setsebool:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83751-8

References:  1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 7, 8, 9, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, BAI03.05, DSS01.03, DSS03.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000130, CCI-000135, CCI-000169, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 6.1, SR 6.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.14.2.7, A.15.2.1, A.15.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.PT-1, FAU_GEN.1.1.c, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000471-GPOS-00215, SRG-OS-000463-GPOS-00207, SRG-OS-000465-GPOS-00209, RHEL-09-654060, SV-258186r926545_rule

Description
At a minimum, the audit system should collect any execution attempt of the setsebool command for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file:
-a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
Rationale
Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider and advanced persistent threats.

Privileged programs are subject to escalation-of-privilege attacks, which attempt to subvert their normal role of providing some necessary but limited capability. As such, motivation exists to monitor these programs for unusual activity.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    ACTION_ARCH_FILTERS="-a always,exit"
    OTHER_FILTERS="-F path=/usr/sbin/setsebool -F perm=x"
    AUID_FILTERS="-F auid>=1000 -F auid!=unset"
    SYSCALL=""
    KEY="privileged"
    SYSCALL_GROUPING=""
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83751-8
      - DISA-STIG-RHEL-09-654060
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_setsebool
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for /usr/sbin/setsebool
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/privileged.rules
        set_fact: audit_file="/etc/audit/rules.d/privileged.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F path=/usr/sbin/setsebool -F perm=x
            -F auid>=1000 -F auid!=unset (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/setsebool -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_found | join("|") }}))\b)((?:(
            -S |,)\w+)+)( -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F auid!=unset
            (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/setsebool -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83751-8
      - DISA-STIG-RHEL-09-654060
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_setsebool
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules setsebool  oval:ssg-test_audit_rules_execution_setsebool_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_setsebool_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/setsebool(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl setsebool  oval:ssg-test_audit_rules_execution_setsebool_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_setsebool_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/setsebool(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Any Attempts to Run seunsharexccdf_org.ssgproject.content_rule_audit_rules_execution_seunshare mediumCCE-83746-8

Record Any Attempts to Run seunshare

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_execution_seunshare
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_execution_seunshare:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83746-8

References:  CCI-000172, AU-2(d), AU-12(c), AC-6(9), CM-6(a), FAU_GEN.1.1.c

Description
At a minimum, the audit system should collect any execution attempt of the seunshare command for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F path=/usr/sbin/seunshare -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file:
-a always,exit -F path=/usr/sbin/seunshare -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged
Rationale
Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse and identify the risk from insider and advanced persistent threats.

Privileged programs are subject to escalation-of-privilege attacks, which attempt to subvert their normal role of providing some necessary but limited capability. As such, motivation exists to monitor these programs for unusual activity.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    ACTION_ARCH_FILTERS="-a always,exit"
    OTHER_FILTERS="-F path=/usr/sbin/seunshare -F perm=x"
    AUID_FILTERS="-F auid>=1000 -F auid!=unset"
    SYSCALL=""
    KEY="privileged"
    SYSCALL_GROUPING=""
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83746-8
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_seunshare
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for /usr/sbin/seunshare
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/seunshare -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/privileged.rules
        set_fact: audit_file="/etc/audit/rules.d/privileged.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F path=/usr/sbin/seunshare -F perm=x
            -F auid>=1000 -F auid!=unset (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/seunshare -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls: []
          syscall_grouping: []
    
      - name: Check existence of  in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit(( -S |,)\w+)*(( -S |,){{ item }})+(( -S |,)\w+)* -F
            path=/usr/sbin/seunshare -F perm=x -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit)(?=.*(?:(?:-S |,)(?:{{ syscalls_found | join("|") }}))\b)((?:(
            -S |,)\w+)+)( -F path=/usr/sbin/seunshare -F perm=x -F auid>=1000 -F auid!=unset
            (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit{{ syscalls | join(',') }} -F path=/usr/sbin/seunshare -F
            perm=x -F auid>=1000 -F auid!=unset -F key=privileged
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83746-8
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - audit_rules_execution_seunshare
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules seunshare  oval:ssg-test_audit_rules_execution_seunshare_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_seunshare_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/seunshare(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl seunshare  oval:ssg-test_audit_rules_execution_seunshare_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_execution_seunshare_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+path=\/usr\/sbin\/seunshare(?:[\s]+-F[\s]+perm=x)[\s]+-F[\s]+auid>=1000[\s]+-F[\s]+auid!=(?:4294967295|unset|-1)[\s]+(?:-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Ensure auditd Collects Information on Kernel Module Loading and Unloadingxccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading mediumCCE-83804-5

Ensure auditd Collects Information on Kernel Module Loading and Unloading

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_kernel_module_loading:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83804-5

References:  1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000172, 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.2.7, 10.2.1.7

Description
To capture kernel module loading and unloading events, use following lines, setting ARCH to either b32 for 32-bit system, or having two lines for both b32 and b64 in case your system is 64-bit:
    -a always,exit -F arch=ARCH -S init_module,finit_module,delete_module -F key=modules
    
The place to add the lines depends on a way auditd daemon is configured. If it is configured to use the augenrules program (the default), add the lines to a file with suffix .rules in the directory /etc/audit/rules.d. If the auditd daemon is configured to use the auditctl utility, add the lines to file /etc/audit/audit.rules.
Rationale
The addition/removal of kernel modules can be used to alter the behavior of the kernel and potentially introduce malicious code into kernel space. It is important to have an audit trail of modules that have been introduced into the kernel.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # First perform the remediation of the syscall rule
    # Retrieve hardware architecture of the underlying system
    # Note: 32-bit and 64-bit kernel syscall numbers not always line up =>
    #       it's required on a 64-bit system to check also for the presence
    #       of 32-bit's equivalent of the corresponding rule.
    #       (See `man 7 audit.rules` for details )
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            OTHER_FILTERS=""
            
            AUID_FILTERS="-F auid>=1000 -F auid!=unset"
            
            SYSCALL="init_module finit_module delete_module"
            KEY="modules"
            SYSCALL_GROUPING="init_module finit_module delete_module"
            # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
            unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
            unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83804-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.7
      - PCI-DSSv4-10.2.1.7
      - audit_rules_kernel_module_loading
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Set architecture for audit tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83804-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.7
      - PCI-DSSv4-10.2.1.7
      - audit_rules_kernel_module_loading
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for kernel module loading for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - init_module
          - delete_module
          - finit_module
          syscall_grouping:
          - init_module
          - delete_module
          - finit_module
    
      - name: Check existence of init_module, delete_module, finit_module in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/modules.rules
        set_fact: audit_file="/etc/audit/rules.d/modules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k
            |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=modules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - init_module
          - delete_module
          - finit_module
          syscall_grouping:
          - init_module
          - delete_module
          - finit_module
    
      - name: Check existence of init_module, delete_module, finit_module in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k |-F
            key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=modules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83804-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.7
      - PCI-DSSv4-10.2.1.7
      - audit_rules_kernel_module_loading
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for kernel module loading for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - init_module
          - delete_module
          - finit_module
          syscall_grouping:
          - init_module
          - delete_module
          - finit_module
    
      - name: Check existence of init_module, delete_module, finit_module in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/modules.rules
        set_fact: audit_file="/etc/audit/rules.d/modules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k
            |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=modules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - init_module
          - delete_module
          - finit_module
          syscall_grouping:
          - init_module
          - delete_module
          - finit_module
    
      - name: Check existence of init_module, delete_module, finit_module in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F auid>=1000 -F auid!=unset (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F auid>=1000 -F auid!=unset (?:-k |-F
            key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F auid>=1000
            -F auid!=unset -F key=modules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83804-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.7
      - PCI-DSSv4-10.2.1.7
      - audit_rules_kernel_module_loading
      - low_complexity
      - low_disruption
      - medium_severity
      - reboot_required
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit init_module  oval:ssg-test_32bit_ardm_init_module_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_init_module_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+init_module[\s]+|([\s]+|[,])init_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit init_module  oval:ssg-test_64bit_ardm_init_module_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_init_module_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+init_module[\s]+|([\s]+|[,])init_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit init_module  oval:ssg-test_32bit_ardm_init_module_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_init_module_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+init_module[\s]+|([\s]+|[,])init_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit init_module  oval:ssg-test_64bit_ardm_init_module_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_init_module_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+init_module[\s]+|([\s]+|[,])init_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit delete_module  oval:ssg-test_32bit_ardm_delete_module_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_delete_module_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+delete_module[\s]+|([\s]+|[,])delete_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit delete_module  oval:ssg-test_64bit_ardm_delete_module_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_delete_module_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+delete_module[\s]+|([\s]+|[,])delete_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit delete_module  oval:ssg-test_32bit_ardm_delete_module_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_delete_module_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+delete_module[\s]+|([\s]+|[,])delete_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit delete_module  oval:ssg-test_64bit_ardm_delete_module_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_delete_module_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+delete_module[\s]+|([\s]+|[,])delete_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit finit_module  oval:ssg-test_32bit_ardm_finit_module_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_finit_module_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+finit_module[\s]+|([\s]+|[,])finit_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit finit_module  oval:ssg-test_64bit_ardm_finit_module_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_finit_module_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+finit_module[\s]+|([\s]+|[,])finit_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit finit_module  oval:ssg-test_32bit_ardm_finit_module_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_finit_module_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+finit_module[\s]+|([\s]+|[,])finit_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit finit_module  oval:ssg-test_64bit_ardm_finit_module_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_finit_module_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+finit_module[\s]+|([\s]+|[,])finit_module([\s]+|[,]))).*(?:-F\s+auid>=1000[\s]+)(?:-F\s+auid!=(unset|4294967295))\s+(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record attempts to alter time through adjtimexxccdf_org.ssgproject.content_rule_audit_rules_time_adjtimex mediumCCE-83840-9

Record attempts to alter time through adjtimex

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_time_adjtimex
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_time_adjtimex:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83840-9

References:  BP28(R73), 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-001487, CCI-000169, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.4.2.b, 10.6.3, 4.1.3.4

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F arch=b32 -S adjtimex -F key=audit_time_rules
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S adjtimex -F key=audit_time_rules
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-a always,exit -F arch=b32 -S adjtimex -F key=audit_time_rules
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S adjtimex -F key=audit_time_rules
The -k option allows for the specification of a key in string form that can be used for better reporting capability through ausearch and aureport. Multiple system calls can be defined on the same line to save space if desired, but is not required. See an example of multiple combined syscalls:
-a always,exit -F arch=b64 -S adjtimex,settimeofday -F key=audit_time_rules
Rationale
Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are highly dependent upon an accurate system time (such as sshd). All changes to the system time should be audited.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        # Create expected audit group and audit rule form for particular system call & architecture
        if [ ${ARCH} = "b32" ]
        then
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            # stime system call is known at 32-bit arch (see e.g "$ ausyscall i386 stime" 's output)
            # so append it to the list of time group system calls to be audited
            SYSCALL="adjtimex settimeofday stime"
            SYSCALL_GROUPING="adjtimex settimeofday stime"
        elif [ ${ARCH} = "b64" ]
        then
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            # stime system call isn't known at 64-bit arch (see "$ ausyscall x86_64 stime" 's output)
            # therefore don't add it to the list of time group system calls to be audited
            SYSCALL="adjtimex settimeofday"
            SYSCALL_GROUPING="adjtimex settimeofday"
        fi
        OTHER_FILTERS=""
        AUID_FILTERS=""
        KEY="audit_time_rules"
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
        unset syscall_grouping
        unset syscall_string
        unset syscall
        unset file_to_edit
        unset rule_to_edit
        unset rule_syscalls_to_edit
        unset other_string
        unset auid_string
        unset full_rule
    
        # Load macro arguments into arrays
        read -a syscall_a <<< $SYSCALL
        read -a syscall_grouping <<< $SYSCALL_GROUPING
    
        # Create a list of audit *.rules files that should be inspected for presence and correctness
        # of a particular audit rule. The scheme is as follows:
        #
        # -----------------------------------------------------------------------------------------
        #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
        # -----------------------------------------------------------------------------------------
        #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
        # -----------------------------------------------------------------------------------------
        #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
        #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
        # -----------------------------------------------------------------------------------------
        #
        files_to_inspect=()
    
    
        # If audit tool is 'augenrules', then check if the audit rule is defined
        # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
        # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
        default_file="/etc/audit/rules.d/$KEY.rules"
        # As other_filters may include paths, lets use a different delimiter for it
        # The "F" script expression tells sed to print the filenames where the expressions matched
        readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
        # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
        if [ ${#files_to_inspect[@]} -eq "0" ]
        then
            file_to_inspect="/etc/audit/rules.d/$KEY.rules"
            files_to_inspect=("$file_to_inspect")
            if [ ! -e "$file_to_inspect" ]
            then
                touch "$file_to_inspect"
                chmod 0640 "$file_to_inspect"
            fi
        fi
    
        # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
        skip=1
    
        for audit_file in "${files_to_inspect[@]}"
        do
            # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
            # i.e, collect rules that match:
            # * the action, list and arch, (2-nd argument)
            # * the other filters, (3-rd argument)
            # * the auid filters, (4-rd argument)
            readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
            candidate_rules=()
            # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
            for s_rule in "${similar_rules[@]}"
            do
                # Strip all the options and fields we know of,
                # than check if there was any field left over
                extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
                grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
            done
    
            if [[ ${#syscall_a[@]} -ge 1 ]]
            then
                # Check if the syscall we want is present in any of the similar existing rules
                for rule in "${candidate_rules[@]}"
                do
                    rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                    all_syscalls_found=0
                    for syscall in "${syscall_a[@]}"
                    do
                        grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                           # A syscall was not found in the candidate rule
                           all_syscalls_found=1
                           }
                    done
                    if [[ $all_syscalls_found -eq 0 ]]
                    then
                        # We found a rule with all the syscall(s) we want; skip rest of macro
                        skip=0
                        break
                    fi
    
                    # Check if this rule can be grouped with our target syscall and keep track of it
                    for syscall_g in "${syscall_grouping[@]}"
                    do
                        if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                        then
                            file_to_edit=${audit_file}
                            rule_to_edit=${rule}
                            rule_syscalls_to_edit=${rule_syscalls}
                        fi
                    done
                done
            else
                # If there is any candidate rule, it is compliant; skip rest of macro
                if [ "${#candidate_rules[@]}" -gt 0 ]
                then
                    skip=0
                fi
            fi
    
            if [ "$skip" -eq 0 ]; then
                break
            fi
        done
    
        if [ "$skip" -ne 0 ]; then
            # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
            # At this point we know if we need to either append the $full_rule or group
            # the syscall together with an exsiting rule
    
            # Append the full_rule if it cannot be grouped to any other rule
            if [ -z ${rule_to_edit+x} ]
            then
                # Build full_rule while avoid adding double spaces when other_filters is empty
                if [ "${#syscall_a[@]}" -gt 0 ]
                then
                    syscall_string=""
                    for syscall in "${syscall_a[@]}"
                    do
                        syscall_string+=" -S $syscall"
                    done
                fi
                other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
                auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
                full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
                echo "$full_rule" >> "$default_file"
                chmod o-rwx ${default_file}
            else
                # Check if the syscalls are declared as a comma separated list or
                # as multiple -S parameters
                if grep -q -- "," <<< "${rule_syscalls_to_edit}"
                then
                    delimiter=","
                else
                    delimiter=" -S "
                fi
                new_grouped_syscalls="${rule_syscalls_to_edit}"
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                       # A syscall was not found in the candidate rule
                       new_grouped_syscalls+="${delimiter}${syscall}"
                       }
                done
    
                # Group the syscall in the rule
                sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
            fi
        fi
        unset syscall_a
        unset syscall_grouping
        unset syscall_string
        unset syscall
        unset file_to_edit
        unset rule_to_edit
        unset rule_syscalls_to_edit
        unset other_string
        unset auid_string
        unset full_rule
    
        # Load macro arguments into arrays
        read -a syscall_a <<< $SYSCALL
        read -a syscall_grouping <<< $SYSCALL_GROUPING
    
        # Create a list of audit *.rules files that should be inspected for presence and correctness
        # of a particular audit rule. The scheme is as follows:
        #
        # -----------------------------------------------------------------------------------------
        #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
        # -----------------------------------------------------------------------------------------
        #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
        # -----------------------------------------------------------------------------------------
        #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
        #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
        # -----------------------------------------------------------------------------------------
        #
        files_to_inspect=()
    
    
    
        # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
        # file to the list of files to be inspected
        default_file="/etc/audit/audit.rules"
        files_to_inspect+=('/etc/audit/audit.rules' )
    
        # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
        skip=1
    
        for audit_file in "${files_to_inspect[@]}"
        do
            # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
            # i.e, collect rules that match:
            # * the action, list and arch, (2-nd argument)
            # * the other filters, (3-rd argument)
            # * the auid filters, (4-rd argument)
            readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
            candidate_rules=()
            # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
            for s_rule in "${similar_rules[@]}"
            do
                # Strip all the options and fields we know of,
                # than check if there was any field left over
                extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
                grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
            done
    
            if [[ ${#syscall_a[@]} -ge 1 ]]
            then
                # Check if the syscall we want is present in any of the similar existing rules
                for rule in "${candidate_rules[@]}"
                do
                    rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                    all_syscalls_found=0
                    for syscall in "${syscall_a[@]}"
                    do
                        grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                           # A syscall was not found in the candidate rule
                           all_syscalls_found=1
                           }
                    done
                    if [[ $all_syscalls_found -eq 0 ]]
                    then
                        # We found a rule with all the syscall(s) we want; skip rest of macro
                        skip=0
                        break
                    fi
    
                    # Check if this rule can be grouped with our target syscall and keep track of it
                    for syscall_g in "${syscall_grouping[@]}"
                    do
                        if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                        then
                            file_to_edit=${audit_file}
                            rule_to_edit=${rule}
                            rule_syscalls_to_edit=${rule_syscalls}
                        fi
                    done
                done
            else
                # If there is any candidate rule, it is compliant; skip rest of macro
                if [ "${#candidate_rules[@]}" -gt 0 ]
                then
                    skip=0
                fi
            fi
    
            if [ "$skip" -eq 0 ]; then
                break
            fi
        done
    
        if [ "$skip" -ne 0 ]; then
            # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
            # At this point we know if we need to either append the $full_rule or group
            # the syscall together with an exsiting rule
    
            # Append the full_rule if it cannot be grouped to any other rule
            if [ -z ${rule_to_edit+x} ]
            then
                # Build full_rule while avoid adding double spaces when other_filters is empty
                if [ "${#syscall_a[@]}" -gt 0 ]
                then
                    syscall_string=""
                    for syscall in "${syscall_a[@]}"
                    do
                        syscall_string+=" -S $syscall"
                    done
                fi
                other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
                auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
                full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
                echo "$full_rule" >> "$default_file"
                chmod o-rwx ${default_file}
            else
                # Check if the syscalls are declared as a comma separated list or
                # as multiple -S parameters
                if grep -q -- "," <<< "${rule_syscalls_to_edit}"
                then
                    delimiter=","
                else
                    delimiter=" -S "
                fi
                new_grouped_syscalls="${rule_syscalls_to_edit}"
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                       # A syscall was not found in the candidate rule
                       new_grouped_syscalls+="${delimiter}${syscall}"
                       }
                done
    
                # Group the syscall in the rule
                sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
            fi
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83840-9
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_adjtimex
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Set architecture for audit tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83840-9
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_adjtimex
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for adjtimex for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - adjtimex
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of adjtimex in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_time_rules.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_time_rules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - adjtimex
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of adjtimex in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83840-9
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_adjtimex
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for adjtimex for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - adjtimex
          syscall_grouping:
          - adjtimex
          - settimeofday
    
      - name: Check existence of adjtimex in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_time_rules.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_time_rules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - adjtimex
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of adjtimex in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83840-9
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_adjtimex
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ -a%20always%2Cexit%20-F%20arch%3Db64%20-S%20adjtimex%20-k%20audit_time_rules%0A-a%20always%2Cexit%20-F%20arch%3Db32%20-S%20adjtimex%20-k%20audit_time_rules%0A }}
            mode: 0600
            path: /etc/audit/rules.d/75-syscall-adjtimex.rules
            overwrite: true
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit adjtimex  oval:ssg-test_32bit_art_adjtimex_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_adjtimex_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32.*(-S[\s]+adjtimex[\s]+|([\s]+|[,])adjtimex([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit adjtimex  oval:ssg-test_64bit_art_adjtimex_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_art_adjtimex_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b64.*(-S[\s]+adjtimex[\s]+|([\s]+|[,])adjtimex([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit adjtimex  oval:ssg-test_32bit_art_adjtimex_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_adjtimex_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32.*(-S[\s]+adjtimex[\s]+|([\s]+|[,])adjtimex([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit adjtimex  oval:ssg-test_64bit_art_adjtimex_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_art_adjtimex_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b64.*(-S[\s]+adjtimex[\s]+|([\s]+|[,])adjtimex([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Attempts to Alter Time Through clock_settimexccdf_org.ssgproject.content_rule_audit_rules_time_clock_settime mediumCCE-83837-5

Record Attempts to Alter Time Through clock_settime

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_time_clock_settime
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_time_clock_settime:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83837-5

References:  BP28(R73), 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-001487, CCI-000169, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.4.2.b, 10.6.3, 4.1.3.4

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F arch=b32 -S clock_settime -F a0=0x0 -F key=time-change
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S clock_settime -F a0=0x0 -F key=time-change
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-a always,exit -F arch=b32 -S clock_settime -F a0=0x0 -F key=time-change
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S clock_settime -F a0=0x0 -F key=time-change
The -k option allows for the specification of a key in string form that can be used for better reporting capability through ausearch and aureport. Multiple system calls can be defined on the same line to save space if desired, but is not required. See an example of multiple combined syscalls:
-a always,exit -F arch=b64 -S adjtimex,settimeofday -F key=audit_time_rules
Rationale
Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are highly dependent upon an accurate system time (such as sshd). All changes to the system time should be audited.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # First perform the remediation of the syscall rule
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
        OTHER_FILTERS="-F a0=0x0"
        AUID_FILTERS=""
        SYSCALL="clock_settime"
        KEY="time-change"
        SYSCALL_GROUPING=""
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83837-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_clock_settime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Set architecture for audit tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83837-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_clock_settime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for clock_settime for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - clock_settime
          syscall_grouping: []
    
      - name: Check existence of clock_settime in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F a0=0x0 (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/time-change.rules
        set_fact: audit_file="/etc/audit/rules.d/time-change.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F a0=0x0 (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F a0=0x0 -F
            key=time-change
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - clock_settime
          syscall_grouping: []
    
      - name: Check existence of clock_settime in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F a0=0x0 (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F a0=0x0 (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F a0=0x0 -F
            key=time-change
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83837-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_clock_settime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for clock_settime for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - clock_settime
          syscall_grouping: []
    
      - name: Check existence of clock_settime in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F a0=0x0 (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/time-change.rules
        set_fact: audit_file="/etc/audit/rules.d/time-change.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( -F a0=0x0 (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F a0=0x0 -F
            key=time-change
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - clock_settime
          syscall_grouping: []
    
      - name: Check existence of clock_settime in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* -F a0=0x0 (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( -F a0=0x0 (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F a0=0x0 -F
            key=time-change
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83837-5
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_clock_settime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ -a%20always%2Cexit%20-F%20arch%3Db64%20-S%20clock_settime%20-F%20a0%3D0x0%20-k%20time-change%0A-a%20always%2Cexit%20-F%20arch%3Db32%20-S%20clock_settime%20-F%20a0%3D0x0%20-k%20time-change%0A }}
            mode: 0600
            path: /etc/audit/rules.d/75-syscall-clock-settime.rules
            overwrite: true
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit clock_settime  oval:ssg-test_32bit_art_clock_settime_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_clock_settime_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32[\s]+(-S[\s]+clock_settime[\s]+|([\s]+|[,])clock_settime([\s]+|[,]))-F[\s]+a0=(?:0x)?0[\s]+(?:-F[\s]+key=|-k[\s]+)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit clock_settime  oval:ssg-test_64bit_art_clock_settime_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_art_clock_settime_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b64[\s]+(-S[\s]+clock_settime[\s]+|([\s]+|[,])clock_settime([\s]+|[,]))-F[\s]+a0=(?:0x)?0[\s]+(?:-F[\s]+key=|-k[\s]+)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit clock_settime  oval:ssg-test_32bit_art_clock_settime_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_clock_settime_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32[\s]+(-S[\s]+clock_settime[\s]+|([\s]+|[,])clock_settime([\s]+|[,]))-F[\s]+a0=(?:0x)?0[\s]+(?:-F[\s]+key=|-k[\s]+)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit clock_settime  oval:ssg-test_64bit_art_clock_settime_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_art_clock_settime_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b64[\s]+(-S[\s]+clock_settime[\s]+|([\s]+|[,])clock_settime([\s]+|[,]))-F[\s]+a0=(?:0x)?0[\s]+(?:-F[\s]+key=|-k[\s]+)[\S]+[\s]*$1
Record attempts to alter time through settimeofdayxccdf_org.ssgproject.content_rule_audit_rules_time_settimeofday mediumCCE-83836-7

Record attempts to alter time through settimeofday

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_time_settimeofday
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_time_settimeofday:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83836-7

References:  1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-001487, CCI-000169, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.4.2.b, 10.6.3, 4.1.3.4

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-a always,exit -F arch=b32 -S settimeofday -F key=audit_time_rules
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S settimeofday -F key=audit_time_rules
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-a always,exit -F arch=b32 -S settimeofday -F key=audit_time_rules
If the system is 64 bit then also add the following line:
-a always,exit -F arch=b64 -S settimeofday -F key=audit_time_rules
The -k option allows for the specification of a key in string form that can be used for better reporting capability through ausearch and aureport. Multiple system calls can be defined on the same line to save space if desired, but is not required. See an example of multiple combined syscalls:
-a always,exit -F arch=b64 -S adjtimex,settimeofday -F key=audit_time_rules
Rationale
Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are highly dependent upon an accurate system time (such as sshd). All changes to the system time should be audited.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        # Create expected audit group and audit rule form for particular system call & architecture
        if [ ${ARCH} = "b32" ]
        then
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            # stime system call is known at 32-bit arch (see e.g "$ ausyscall i386 stime" 's output)
            # so append it to the list of time group system calls to be audited
            SYSCALL="adjtimex settimeofday stime"
            SYSCALL_GROUPING="adjtimex settimeofday stime"
        elif [ ${ARCH} = "b64" ]
        then
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            # stime system call isn't known at 64-bit arch (see "$ ausyscall x86_64 stime" 's output)
            # therefore don't add it to the list of time group system calls to be audited
            SYSCALL="adjtimex settimeofday"
            SYSCALL_GROUPING="adjtimex settimeofday"
        fi
        OTHER_FILTERS=""
        AUID_FILTERS=""
        KEY="audit_time_rules"
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
        unset syscall_grouping
        unset syscall_string
        unset syscall
        unset file_to_edit
        unset rule_to_edit
        unset rule_syscalls_to_edit
        unset other_string
        unset auid_string
        unset full_rule
    
        # Load macro arguments into arrays
        read -a syscall_a <<< $SYSCALL
        read -a syscall_grouping <<< $SYSCALL_GROUPING
    
        # Create a list of audit *.rules files that should be inspected for presence and correctness
        # of a particular audit rule. The scheme is as follows:
        #
        # -----------------------------------------------------------------------------------------
        #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
        # -----------------------------------------------------------------------------------------
        #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
        # -----------------------------------------------------------------------------------------
        #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
        #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
        # -----------------------------------------------------------------------------------------
        #
        files_to_inspect=()
    
    
        # If audit tool is 'augenrules', then check if the audit rule is defined
        # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
        # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
        default_file="/etc/audit/rules.d/$KEY.rules"
        # As other_filters may include paths, lets use a different delimiter for it
        # The "F" script expression tells sed to print the filenames where the expressions matched
        readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
        # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
        if [ ${#files_to_inspect[@]} -eq "0" ]
        then
            file_to_inspect="/etc/audit/rules.d/$KEY.rules"
            files_to_inspect=("$file_to_inspect")
            if [ ! -e "$file_to_inspect" ]
            then
                touch "$file_to_inspect"
                chmod 0640 "$file_to_inspect"
            fi
        fi
    
        # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
        skip=1
    
        for audit_file in "${files_to_inspect[@]}"
        do
            # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
            # i.e, collect rules that match:
            # * the action, list and arch, (2-nd argument)
            # * the other filters, (3-rd argument)
            # * the auid filters, (4-rd argument)
            readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
            candidate_rules=()
            # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
            for s_rule in "${similar_rules[@]}"
            do
                # Strip all the options and fields we know of,
                # than check if there was any field left over
                extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
                grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
            done
    
            if [[ ${#syscall_a[@]} -ge 1 ]]
            then
                # Check if the syscall we want is present in any of the similar existing rules
                for rule in "${candidate_rules[@]}"
                do
                    rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                    all_syscalls_found=0
                    for syscall in "${syscall_a[@]}"
                    do
                        grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                           # A syscall was not found in the candidate rule
                           all_syscalls_found=1
                           }
                    done
                    if [[ $all_syscalls_found -eq 0 ]]
                    then
                        # We found a rule with all the syscall(s) we want; skip rest of macro
                        skip=0
                        break
                    fi
    
                    # Check if this rule can be grouped with our target syscall and keep track of it
                    for syscall_g in "${syscall_grouping[@]}"
                    do
                        if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                        then
                            file_to_edit=${audit_file}
                            rule_to_edit=${rule}
                            rule_syscalls_to_edit=${rule_syscalls}
                        fi
                    done
                done
            else
                # If there is any candidate rule, it is compliant; skip rest of macro
                if [ "${#candidate_rules[@]}" -gt 0 ]
                then
                    skip=0
                fi
            fi
    
            if [ "$skip" -eq 0 ]; then
                break
            fi
        done
    
        if [ "$skip" -ne 0 ]; then
            # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
            # At this point we know if we need to either append the $full_rule or group
            # the syscall together with an exsiting rule
    
            # Append the full_rule if it cannot be grouped to any other rule
            if [ -z ${rule_to_edit+x} ]
            then
                # Build full_rule while avoid adding double spaces when other_filters is empty
                if [ "${#syscall_a[@]}" -gt 0 ]
                then
                    syscall_string=""
                    for syscall in "${syscall_a[@]}"
                    do
                        syscall_string+=" -S $syscall"
                    done
                fi
                other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
                auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
                full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
                echo "$full_rule" >> "$default_file"
                chmod o-rwx ${default_file}
            else
                # Check if the syscalls are declared as a comma separated list or
                # as multiple -S parameters
                if grep -q -- "," <<< "${rule_syscalls_to_edit}"
                then
                    delimiter=","
                else
                    delimiter=" -S "
                fi
                new_grouped_syscalls="${rule_syscalls_to_edit}"
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                       # A syscall was not found in the candidate rule
                       new_grouped_syscalls+="${delimiter}${syscall}"
                       }
                done
    
                # Group the syscall in the rule
                sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
            fi
        fi
        unset syscall_a
        unset syscall_grouping
        unset syscall_string
        unset syscall
        unset file_to_edit
        unset rule_to_edit
        unset rule_syscalls_to_edit
        unset other_string
        unset auid_string
        unset full_rule
    
        # Load macro arguments into arrays
        read -a syscall_a <<< $SYSCALL
        read -a syscall_grouping <<< $SYSCALL_GROUPING
    
        # Create a list of audit *.rules files that should be inspected for presence and correctness
        # of a particular audit rule. The scheme is as follows:
        #
        # -----------------------------------------------------------------------------------------
        #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
        # -----------------------------------------------------------------------------------------
        #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
        # -----------------------------------------------------------------------------------------
        #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
        #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
        # -----------------------------------------------------------------------------------------
        #
        files_to_inspect=()
    
    
    
        # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
        # file to the list of files to be inspected
        default_file="/etc/audit/audit.rules"
        files_to_inspect+=('/etc/audit/audit.rules' )
    
        # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
        skip=1
    
        for audit_file in "${files_to_inspect[@]}"
        do
            # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
            # i.e, collect rules that match:
            # * the action, list and arch, (2-nd argument)
            # * the other filters, (3-rd argument)
            # * the auid filters, (4-rd argument)
            readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
            candidate_rules=()
            # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
            for s_rule in "${similar_rules[@]}"
            do
                # Strip all the options and fields we know of,
                # than check if there was any field left over
                extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
                grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
            done
    
            if [[ ${#syscall_a[@]} -ge 1 ]]
            then
                # Check if the syscall we want is present in any of the similar existing rules
                for rule in "${candidate_rules[@]}"
                do
                    rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                    all_syscalls_found=0
                    for syscall in "${syscall_a[@]}"
                    do
                        grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                           # A syscall was not found in the candidate rule
                           all_syscalls_found=1
                           }
                    done
                    if [[ $all_syscalls_found -eq 0 ]]
                    then
                        # We found a rule with all the syscall(s) we want; skip rest of macro
                        skip=0
                        break
                    fi
    
                    # Check if this rule can be grouped with our target syscall and keep track of it
                    for syscall_g in "${syscall_grouping[@]}"
                    do
                        if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                        then
                            file_to_edit=${audit_file}
                            rule_to_edit=${rule}
                            rule_syscalls_to_edit=${rule_syscalls}
                        fi
                    done
                done
            else
                # If there is any candidate rule, it is compliant; skip rest of macro
                if [ "${#candidate_rules[@]}" -gt 0 ]
                then
                    skip=0
                fi
            fi
    
            if [ "$skip" -eq 0 ]; then
                break
            fi
        done
    
        if [ "$skip" -ne 0 ]; then
            # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
            # At this point we know if we need to either append the $full_rule or group
            # the syscall together with an exsiting rule
    
            # Append the full_rule if it cannot be grouped to any other rule
            if [ -z ${rule_to_edit+x} ]
            then
                # Build full_rule while avoid adding double spaces when other_filters is empty
                if [ "${#syscall_a[@]}" -gt 0 ]
                then
                    syscall_string=""
                    for syscall in "${syscall_a[@]}"
                    do
                        syscall_string+=" -S $syscall"
                    done
                fi
                other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
                auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
                full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
                echo "$full_rule" >> "$default_file"
                chmod o-rwx ${default_file}
            else
                # Check if the syscalls are declared as a comma separated list or
                # as multiple -S parameters
                if grep -q -- "," <<< "${rule_syscalls_to_edit}"
                then
                    delimiter=","
                else
                    delimiter=" -S "
                fi
                new_grouped_syscalls="${rule_syscalls_to_edit}"
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                       # A syscall was not found in the candidate rule
                       new_grouped_syscalls+="${delimiter}${syscall}"
                       }
                done
    
                # Group the syscall in the rule
                sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
            fi
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83836-7
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_settimeofday
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Set architecture for audit tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83836-7
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_settimeofday
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for settimeofday for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - settimeofday
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of settimeofday in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_time_rules.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_time_rules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - settimeofday
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of settimeofday in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83836-7
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_settimeofday
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for settimeofday for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - settimeofday
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of settimeofday in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_time_rules.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_time_rules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - settimeofday
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of settimeofday in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83836-7
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_settimeofday
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ -a%20always%2Cexit%20-F%20arch%3Db64%20-S%20settimeofday%20-k%20audit_time_rules%0A-a%20always%2Cexit%20-F%20arch%3Db32%20-S%20settimeofday%20-k%20audit_time_rules%0A }}
            mode: 0600
            path: /etc/audit/rules.d/75-syscall-settimeofday.rules
            overwrite: true
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit settimeofday  oval:ssg-test_32bit_art_settimeofday_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_settimeofday_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32.*(-S[\s]+settimeofday[\s]+|([\s]+|[,])settimeofday([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit settimeofday  oval:ssg-test_64bit_art_settimeofday_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_art_settimeofday_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b64.*(-S[\s]+settimeofday[\s]+|([\s]+|[,])settimeofday([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit settimeofday  oval:ssg-test_32bit_art_settimeofday_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_settimeofday_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32.*(-S[\s]+settimeofday[\s]+|([\s]+|[,])settimeofday([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit settimeofday  oval:ssg-test_64bit_art_settimeofday_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_art_settimeofday_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b64.*(-S[\s]+settimeofday[\s]+|([\s]+|[,])settimeofday([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Attempts to Alter Time Through stimexccdf_org.ssgproject.content_rule_audit_rules_time_stime mediumCCE-83835-9

Record Attempts to Alter Time Through stime

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_time_stime
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_time_stime:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83835-9

References:  BP28(R73), 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-001487, CCI-000169, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.4.2.b, 10.6.3, 4.1.3.4

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d for both 32 bit and 64 bit systems:
-a always,exit -F arch=b32 -S stime -F key=audit_time_rules
Since the 64 bit version of the "stime" system call is not defined in the audit lookup table, the corresponding "-F arch=b64" form of this rule is not expected to be defined on 64 bit systems (the aforementioned "-F arch=b32" stime rule form itself is sufficient for both 32 bit and 64 bit systems). If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file for both 32 bit and 64 bit systems:
-a always,exit -F arch=b32 -S stime -F key=audit_time_rules
Since the 64 bit version of the "stime" system call is not defined in the audit lookup table, the corresponding "-F arch=b64" form of this rule is not expected to be defined on 64 bit systems (the aforementioned "-F arch=b32" stime rule form itself is sufficient for both 32 bit and 64 bit systems). The -k option allows for the specification of a key in string form that can be used for better reporting capability through ausearch and aureport. Multiple system calls can be defined on the same line to save space if desired, but is not required. See an example of multiple combined system calls:
-a always,exit -F arch=b64 -S adjtimex,settimeofday -F key=audit_time_rules
Rationale
Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are highly dependent upon an accurate system time (such as sshd). All changes to the system time should be audited.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        # Create expected audit group and audit rule form for particular system call & architecture
        if [ ${ARCH} = "b32" ]
        then
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            # stime system call is known at 32-bit arch (see e.g "$ ausyscall i386 stime" 's output)
            # so append it to the list of time group system calls to be audited
            SYSCALL="adjtimex settimeofday stime"
            SYSCALL_GROUPING="adjtimex settimeofday stime"
        elif [ ${ARCH} = "b64" ]
        then
            ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
            # stime system call isn't known at 64-bit arch (see "$ ausyscall x86_64 stime" 's output)
            # therefore don't add it to the list of time group system calls to be audited
            SYSCALL="adjtimex settimeofday"
            SYSCALL_GROUPING="adjtimex settimeofday"
        fi
        OTHER_FILTERS=""
        AUID_FILTERS=""
        KEY="audit_time_rules"
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
        unset syscall_grouping
        unset syscall_string
        unset syscall
        unset file_to_edit
        unset rule_to_edit
        unset rule_syscalls_to_edit
        unset other_string
        unset auid_string
        unset full_rule
    
        # Load macro arguments into arrays
        read -a syscall_a <<< $SYSCALL
        read -a syscall_grouping <<< $SYSCALL_GROUPING
    
        # Create a list of audit *.rules files that should be inspected for presence and correctness
        # of a particular audit rule. The scheme is as follows:
        #
        # -----------------------------------------------------------------------------------------
        #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
        # -----------------------------------------------------------------------------------------
        #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
        # -----------------------------------------------------------------------------------------
        #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
        #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
        # -----------------------------------------------------------------------------------------
        #
        files_to_inspect=()
    
    
        # If audit tool is 'augenrules', then check if the audit rule is defined
        # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
        # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
        default_file="/etc/audit/rules.d/$KEY.rules"
        # As other_filters may include paths, lets use a different delimiter for it
        # The "F" script expression tells sed to print the filenames where the expressions matched
        readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
        # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
        if [ ${#files_to_inspect[@]} -eq "0" ]
        then
            file_to_inspect="/etc/audit/rules.d/$KEY.rules"
            files_to_inspect=("$file_to_inspect")
            if [ ! -e "$file_to_inspect" ]
            then
                touch "$file_to_inspect"
                chmod 0640 "$file_to_inspect"
            fi
        fi
    
        # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
        skip=1
    
        for audit_file in "${files_to_inspect[@]}"
        do
            # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
            # i.e, collect rules that match:
            # * the action, list and arch, (2-nd argument)
            # * the other filters, (3-rd argument)
            # * the auid filters, (4-rd argument)
            readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
            candidate_rules=()
            # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
            for s_rule in "${similar_rules[@]}"
            do
                # Strip all the options and fields we know of,
                # than check if there was any field left over
                extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
                grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
            done
    
            if [[ ${#syscall_a[@]} -ge 1 ]]
            then
                # Check if the syscall we want is present in any of the similar existing rules
                for rule in "${candidate_rules[@]}"
                do
                    rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                    all_syscalls_found=0
                    for syscall in "${syscall_a[@]}"
                    do
                        grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                           # A syscall was not found in the candidate rule
                           all_syscalls_found=1
                           }
                    done
                    if [[ $all_syscalls_found -eq 0 ]]
                    then
                        # We found a rule with all the syscall(s) we want; skip rest of macro
                        skip=0
                        break
                    fi
    
                    # Check if this rule can be grouped with our target syscall and keep track of it
                    for syscall_g in "${syscall_grouping[@]}"
                    do
                        if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                        then
                            file_to_edit=${audit_file}
                            rule_to_edit=${rule}
                            rule_syscalls_to_edit=${rule_syscalls}
                        fi
                    done
                done
            else
                # If there is any candidate rule, it is compliant; skip rest of macro
                if [ "${#candidate_rules[@]}" -gt 0 ]
                then
                    skip=0
                fi
            fi
    
            if [ "$skip" -eq 0 ]; then
                break
            fi
        done
    
        if [ "$skip" -ne 0 ]; then
            # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
            # At this point we know if we need to either append the $full_rule or group
            # the syscall together with an exsiting rule
    
            # Append the full_rule if it cannot be grouped to any other rule
            if [ -z ${rule_to_edit+x} ]
            then
                # Build full_rule while avoid adding double spaces when other_filters is empty
                if [ "${#syscall_a[@]}" -gt 0 ]
                then
                    syscall_string=""
                    for syscall in "${syscall_a[@]}"
                    do
                        syscall_string+=" -S $syscall"
                    done
                fi
                other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
                auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
                full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
                echo "$full_rule" >> "$default_file"
                chmod o-rwx ${default_file}
            else
                # Check if the syscalls are declared as a comma separated list or
                # as multiple -S parameters
                if grep -q -- "," <<< "${rule_syscalls_to_edit}"
                then
                    delimiter=","
                else
                    delimiter=" -S "
                fi
                new_grouped_syscalls="${rule_syscalls_to_edit}"
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                       # A syscall was not found in the candidate rule
                       new_grouped_syscalls+="${delimiter}${syscall}"
                       }
                done
    
                # Group the syscall in the rule
                sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
            fi
        fi
        unset syscall_a
        unset syscall_grouping
        unset syscall_string
        unset syscall
        unset file_to_edit
        unset rule_to_edit
        unset rule_syscalls_to_edit
        unset other_string
        unset auid_string
        unset full_rule
    
        # Load macro arguments into arrays
        read -a syscall_a <<< $SYSCALL
        read -a syscall_grouping <<< $SYSCALL_GROUPING
    
        # Create a list of audit *.rules files that should be inspected for presence and correctness
        # of a particular audit rule. The scheme is as follows:
        #
        # -----------------------------------------------------------------------------------------
        #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
        # -----------------------------------------------------------------------------------------
        #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
        # -----------------------------------------------------------------------------------------
        #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
        #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
        # -----------------------------------------------------------------------------------------
        #
        files_to_inspect=()
    
    
    
        # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
        # file to the list of files to be inspected
        default_file="/etc/audit/audit.rules"
        files_to_inspect+=('/etc/audit/audit.rules' )
    
        # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
        skip=1
    
        for audit_file in "${files_to_inspect[@]}"
        do
            # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
            # i.e, collect rules that match:
            # * the action, list and arch, (2-nd argument)
            # * the other filters, (3-rd argument)
            # * the auid filters, (4-rd argument)
            readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
            candidate_rules=()
            # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
            for s_rule in "${similar_rules[@]}"
            do
                # Strip all the options and fields we know of,
                # than check if there was any field left over
                extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
                grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
            done
    
            if [[ ${#syscall_a[@]} -ge 1 ]]
            then
                # Check if the syscall we want is present in any of the similar existing rules
                for rule in "${candidate_rules[@]}"
                do
                    rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                    all_syscalls_found=0
                    for syscall in "${syscall_a[@]}"
                    do
                        grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                           # A syscall was not found in the candidate rule
                           all_syscalls_found=1
                           }
                    done
                    if [[ $all_syscalls_found -eq 0 ]]
                    then
                        # We found a rule with all the syscall(s) we want; skip rest of macro
                        skip=0
                        break
                    fi
    
                    # Check if this rule can be grouped with our target syscall and keep track of it
                    for syscall_g in "${syscall_grouping[@]}"
                    do
                        if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                        then
                            file_to_edit=${audit_file}
                            rule_to_edit=${rule}
                            rule_syscalls_to_edit=${rule_syscalls}
                        fi
                    done
                done
            else
                # If there is any candidate rule, it is compliant; skip rest of macro
                if [ "${#candidate_rules[@]}" -gt 0 ]
                then
                    skip=0
                fi
            fi
    
            if [ "$skip" -eq 0 ]; then
                break
            fi
        done
    
        if [ "$skip" -ne 0 ]; then
            # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
            # At this point we know if we need to either append the $full_rule or group
            # the syscall together with an exsiting rule
    
            # Append the full_rule if it cannot be grouped to any other rule
            if [ -z ${rule_to_edit+x} ]
            then
                # Build full_rule while avoid adding double spaces when other_filters is empty
                if [ "${#syscall_a[@]}" -gt 0 ]
                then
                    syscall_string=""
                    for syscall in "${syscall_a[@]}"
                    do
                        syscall_string+=" -S $syscall"
                    done
                fi
                other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
                auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
                full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
                echo "$full_rule" >> "$default_file"
                chmod o-rwx ${default_file}
            else
                # Check if the syscalls are declared as a comma separated list or
                # as multiple -S parameters
                if grep -q -- "," <<< "${rule_syscalls_to_edit}"
                then
                    delimiter=","
                else
                    delimiter=" -S "
                fi
                new_grouped_syscalls="${rule_syscalls_to_edit}"
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                       # A syscall was not found in the candidate rule
                       new_grouped_syscalls+="${delimiter}${syscall}"
                       }
                done
    
                # Group the syscall in the rule
                sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
            fi
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83835-9
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_stime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Perform remediation of Audit rules for stime syscall for x86 platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - stime
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of stime in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_time_rules.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_time_rules.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - stime
          syscall_grouping:
          - adjtimex
          - settimeofday
          - stime
    
      - name: Check existence of stime in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_time_rules
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83835-9
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - audit_rules_time_stime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ -a%20always%2Cexit%20-F%20arch%3Db64%20-S%20stime%20-k%20audit_time_rules%0A-a%20always%2Cexit%20-F%20arch%3Db32%20-S%20stime%20-k%20audit_time_rules%0A }}
            mode: 0600
            path: /etc/audit/rules.d/75-syscall-stime.rules
            overwrite: true
    
OVAL test results details

32 bit architecture  oval:ssg-test_system_info_architecture_x86:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit stime  oval:ssg-test_32bit_art_stime_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_stime_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32.*(-S[\s]+stime[\s]+|([\s]+|[,])stime([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit stime  oval:ssg-test_32bit_art_stime_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_art_stime_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+-F[\s]+arch=b32.*(-S[\s]+stime[\s]+|([\s]+|[,])stime([\s]+|[,])).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Record Attempts to Alter the localtime Filexccdf_org.ssgproject.content_rule_audit_rules_time_watch_localtime mediumCCE-83839-1

Record Attempts to Alter the localtime File

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_time_watch_localtime
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_time_watch_localtime:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83839-1

References:  BP28(R73), 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-001487, CCI-000169, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.4.2.b, 10.6.3, 10.6.3, 4.1.3.4

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-w /etc/localtime -p wa -k audit_time_rules
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-w /etc/localtime -p wa -k audit_time_rules
The -k option allows for the specification of a key in string form that can be used for better reporting capability through ausearch and aureport and should always be used.
Rationale
Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are highly dependent upon an accurate system time (such as sshd). All changes to the system time should be audited.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/localtime" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/localtime $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/localtime$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/localtime -p wa -k audit_time_rules" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_time_rules.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/localtime" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_time_rules.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_time_rules.rules"
        # If the audit_time_rules.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/localtime" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/localtime $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/localtime$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/localtime -p wa -k audit_time_rules" >> "$audit_rules_file"
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/localtime already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/localtime\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key audit_time_rules
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)audit_time_rules$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/audit_time_rules.rules as the recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/audit_time_rules.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/localtime in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/localtime -p wa -k audit_time_rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/localtime already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/localtime\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/localtime in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/localtime -p wa -k audit_time_rules
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83839-1
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.4.2.b
      - PCI-DSSv4-10.6.3
      - PCI-DSSv4-10.6.3
      - audit_rules_time_watch_localtime
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ -w%20/etc/localtime%20-p%20wa%20-k%20audit_time_rules%0A }}
            mode: 0600
            path: /etc/audit/rules.d/75-etclocaltime-wa-audit_time_rules.rules
            overwrite: true
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit /etc/localtime watch augenrules  oval:ssg-test_artw_etc_localtime_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_artw_etc_localtime_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-w[\s]+\/etc\/localtime[\s]+-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit /etc/localtime watch auditctl  oval:ssg-test_artw_etc_localtime_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_artw_etc_localtime_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-w[\s]+\/etc\/localtime[\s]+-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1
Record Events that Modify the System's Network Environmentxccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification mediumCCE-83706-2

Record Events that Modify the System's Network Environment

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_networkconfig_modification:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83706-2

References:  BP28(R73), 1, 11, 12, 13, 14, 15, 16, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.3.6.6, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.13, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.2.1, A.6.2.2, AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-3, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.5.5, 10.3.4, 4.1.3.5

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d, setting ARCH to either b32 or b64 as appropriate for your system:
-a always,exit -F arch=ARCH -S sethostname,setdomainname -F key=audit_rules_networkconfig_modification
    -w /etc/issue -p wa -k audit_rules_networkconfig_modification
    -w /etc/issue.net -p wa -k audit_rules_networkconfig_modification
    -w /etc/hosts -p wa -k audit_rules_networkconfig_modification
    -w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file, setting ARCH to either b32 or b64 as appropriate for your system:
-a always,exit -F arch=ARCH -S sethostname,setdomainname -F key=audit_rules_networkconfig_modification
    -w /etc/issue -p wa -k audit_rules_networkconfig_modification
    -w /etc/issue.net -p wa -k audit_rules_networkconfig_modification
    -w /etc/hosts -p wa -k audit_rules_networkconfig_modification
    -w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification
Rationale
The network environment should not be modified by anything other than administrator action. Any change to network parameters should be audited.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # First perform the remediation of the syscall rule
    # Retrieve hardware architecture of the underlying system
    [ "$(getconf LONG_BIT)" = "32" ] && RULE_ARCHS=("b32") || RULE_ARCHS=("b32" "b64")
    
    for ARCH in "${RULE_ARCHS[@]}"
    do
        ACTION_ARCH_FILTERS="-a always,exit -F arch=$ARCH"
        OTHER_FILTERS=""
        AUID_FILTERS=""
        SYSCALL="sethostname setdomainname"
        KEY="audit_rules_networkconfig_modification"
        SYSCALL_GROUPING="sethostname setdomainname"
        # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    # If audit tool is 'augenrules', then check if the audit rule is defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to the list for inspection
    # If rule isn't defined yet, add '/etc/audit/rules.d/$key.rules' to the list for inspection
    default_file="/etc/audit/rules.d/$KEY.rules"
    # As other_filters may include paths, lets use a different delimiter for it
    # The "F" script expression tells sed to print the filenames where the expressions matched
    readarray -t files_to_inspect < <(sed -s -n -e "/^$ACTION_ARCH_FILTERS/!d" -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" -e "F" /etc/audit/rules.d/*.rules)
    # Case when particular rule isn't defined in /etc/audit/rules.d/*.rules yet
    if [ ${#files_to_inspect[@]} -eq "0" ]
    then
        file_to_inspect="/etc/audit/rules.d/$KEY.rules"
        files_to_inspect=("$file_to_inspect")
        if [ ! -e "$file_to_inspect" ]
        then
            touch "$file_to_inspect"
            chmod 0640 "$file_to_inspect"
        fi
    fi
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
        unset syscall_a
    unset syscall_grouping
    unset syscall_string
    unset syscall
    unset file_to_edit
    unset rule_to_edit
    unset rule_syscalls_to_edit
    unset other_string
    unset auid_string
    unset full_rule
    
    # Load macro arguments into arrays
    read -a syscall_a <<< $SYSCALL
    read -a syscall_grouping <<< $SYSCALL_GROUPING
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    #  Tool used to load audit rules | Rule already defined  |  Audit rules file to inspect    |
    # -----------------------------------------------------------------------------------------
    #        auditctl                |     Doesn't matter    |  /etc/audit/audit.rules         |
    # -----------------------------------------------------------------------------------------
    #        augenrules              |          Yes          |  /etc/audit/rules.d/*.rules     |
    #        augenrules              |          No           |  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    #
    files_to_inspect=()
    
    
    
    # If audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # file to the list of files to be inspected
    default_file="/etc/audit/audit.rules"
    files_to_inspect+=('/etc/audit/audit.rules' )
    
    # After converting to jinja, we cannot return; therefore we skip the rest of the macro if needed instead
    skip=1
    
    for audit_file in "${files_to_inspect[@]}"
    do
        # Filter existing $audit_file rules' definitions to select those that satisfy the rule pattern,
        # i.e, collect rules that match:
        # * the action, list and arch, (2-nd argument)
        # * the other filters, (3-rd argument)
        # * the auid filters, (4-rd argument)
        readarray -t similar_rules < <(sed -e "/^$ACTION_ARCH_FILTERS/!d"  -e "\#$OTHER_FILTERS#!d" -e "/$AUID_FILTERS/!d" "$audit_file")
    
        candidate_rules=()
        # Filter out rules that have more fields then required. This will remove rules more specific than the required scope
        for s_rule in "${similar_rules[@]}"
        do
            # Strip all the options and fields we know of,
            # than check if there was any field left over
            extra_fields=$(sed -E -e "s/^$ACTION_ARCH_FILTERS//"  -e "s#$OTHER_FILTERS##" -e "s/$AUID_FILTERS//" -e "s/((:?-S [[:alnum:],]+)+)//g" -e "s/-F key=\w+|-k \w+//"<<< "$s_rule")
            grep -q -- "-F" <<< "$extra_fields" || candidate_rules+=("$s_rule")
        done
    
        if [[ ${#syscall_a[@]} -ge 1 ]]
        then
            # Check if the syscall we want is present in any of the similar existing rules
            for rule in "${candidate_rules[@]}"
            do
                rule_syscalls=$(echo "$rule" | grep -o -P '(-S [\w,]+)+' | xargs)
                all_syscalls_found=0
                for syscall in "${syscall_a[@]}"
                do
                    grep -q -- "\b${syscall}\b" <<< "$rule_syscalls" || {
                       # A syscall was not found in the candidate rule
                       all_syscalls_found=1
                       }
                done
                if [[ $all_syscalls_found -eq 0 ]]
                then
                    # We found a rule with all the syscall(s) we want; skip rest of macro
                    skip=0
                    break
                fi
    
                # Check if this rule can be grouped with our target syscall and keep track of it
                for syscall_g in "${syscall_grouping[@]}"
                do
                    if grep -q -- "\b${syscall_g}\b" <<< "$rule_syscalls"
                    then
                        file_to_edit=${audit_file}
                        rule_to_edit=${rule}
                        rule_syscalls_to_edit=${rule_syscalls}
                    fi
                done
            done
        else
            # If there is any candidate rule, it is compliant; skip rest of macro
            if [ "${#candidate_rules[@]}" -gt 0 ]
            then
                skip=0
            fi
        fi
    
        if [ "$skip" -eq 0 ]; then
            break
        fi
    done
    
    if [ "$skip" -ne 0 ]; then
        # We checked all rules that matched the expected resemblance pattern (action, arch & auid)
        # At this point we know if we need to either append the $full_rule or group
        # the syscall together with an exsiting rule
    
        # Append the full_rule if it cannot be grouped to any other rule
        if [ -z ${rule_to_edit+x} ]
        then
            # Build full_rule while avoid adding double spaces when other_filters is empty
            if [ "${#syscall_a[@]}" -gt 0 ]
            then
                syscall_string=""
                for syscall in "${syscall_a[@]}"
                do
                    syscall_string+=" -S $syscall"
                done
            fi
            other_string=$([[ $OTHER_FILTERS ]] && echo " $OTHER_FILTERS") || /bin/true
            auid_string=$([[ $AUID_FILTERS ]] && echo " $AUID_FILTERS") || /bin/true
            full_rule="$ACTION_ARCH_FILTERS${syscall_string}${other_string}${auid_string} -F key=$KEY" || /bin/true
            echo "$full_rule" >> "$default_file"
            chmod o-rwx ${default_file}
        else
            # Check if the syscalls are declared as a comma separated list or
            # as multiple -S parameters
            if grep -q -- "," <<< "${rule_syscalls_to_edit}"
            then
                delimiter=","
            else
                delimiter=" -S "
            fi
            new_grouped_syscalls="${rule_syscalls_to_edit}"
            for syscall in "${syscall_a[@]}"
            do
                grep -q -- "\b${syscall}\b" <<< "${rule_syscalls_to_edit}" || {
                   # A syscall was not found in the candidate rule
                   new_grouped_syscalls+="${delimiter}${syscall}"
                   }
            done
    
            # Group the syscall in the rule
            sed -i -e "\#${rule_to_edit}#s#${rule_syscalls_to_edit}#${new_grouped_syscalls}#" "$file_to_edit"
        fi
    fi
    done
    
    # Then perform the remediations for the watch rules
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/issue" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/issue $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/issue$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/issue -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/issue" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_networkconfig_modification.rules"
        # If the audit_rules_networkconfig_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/issue" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/issue $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/issue$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/issue -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/issue.net" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/issue.net $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/issue.net$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/issue.net -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/issue.net" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_networkconfig_modification.rules"
        # If the audit_rules_networkconfig_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/issue.net" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/issue.net $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/issue.net$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/issue.net -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/hosts" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/hosts $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/hosts$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/hosts -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/hosts" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_networkconfig_modification.rules"
        # If the audit_rules_networkconfig_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/hosts" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/hosts $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/hosts$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/hosts -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/sysconfig/network" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/sysconfig/network $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/sysconfig/network$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/sysconfig/network" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_networkconfig_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_networkconfig_modification.rules"
        # If the audit_rules_networkconfig_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/sysconfig/network" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/sysconfig/network $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/sysconfig/network$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification" >> "$audit_rules_file"
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Set architecture for audit tasks
      set_fact:
        audit_arch: b64
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ansible_architecture == "aarch64" or ansible_architecture == "ppc64" or ansible_architecture
        == "ppc64le" or ansible_architecture == "s390x" or ansible_architecture == "x86_64"
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Remediate audit rules for network configuration for 32bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - sethostname
          - setdomainname
          syscall_grouping:
          - sethostname
          - setdomainname
    
      - name: Check existence of sethostname, setdomainname in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_rules_networkconfig_modification.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_rules_networkconfig_modification.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_rules_networkconfig_modification
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - sethostname
          - setdomainname
          syscall_grouping:
          - sethostname
          - setdomainname
    
      - name: Check existence of sethostname, setdomainname in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b32(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b32)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b32 -S {{ syscalls | join(',') }} -F key=audit_rules_networkconfig_modification
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Remediate audit rules for network configuration for 64bit platform
      block:
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - sethostname
          - setdomainname
          syscall_grouping:
          - sethostname
          - setdomainname
    
      - name: Check existence of sethostname, setdomainname in /etc/audit/rules.d/
        find:
          paths: /etc/audit/rules.d
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: '*.rules'
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Reset syscalls found per file
        set_fact:
          syscalls_per_file: {}
          found_paths_dict: {}
    
      - name: Declare syscalls found per file
        set_fact: syscalls_per_file="{{ syscalls_per_file | combine( {item.files[0].path
          :[item.item] + syscalls_per_file.get(item.files[0].path, []) } ) }}"
        loop: '{{ find_command.results | selectattr(''matched'') | list }}'
    
      - name: Declare files where syscalls were found
        set_fact: found_paths="{{ find_command.results | map(attribute='files') | flatten
          | map(attribute='path') | list }}"
    
      - name: Count occurrences of syscalls in paths
        set_fact: found_paths_dict="{{ found_paths_dict | combine({ item:1+found_paths_dict.get(item,
          0) }) }}"
        loop: '{{ find_command.results | map(attribute=''files'') | flatten | map(attribute=''path'')
          | list }}'
    
      - name: Get path with most syscalls
        set_fact: audit_file="{{ (found_paths_dict | dict2items() | sort(attribute='value')
          | last).key }}"
        when: found_paths | length >= 1
    
      - name: No file with syscall found, set path to /etc/audit/rules.d/audit_rules_networkconfig_modification.rules
        set_fact: audit_file="/etc/audit/rules.d/audit_rules_networkconfig_modification.rules"
        when: found_paths | length == 0
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_per_file[audit_file]
            | join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F key=audit_rules_networkconfig_modification
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
    
      - name: Declare list of syscalls
        set_fact:
          syscalls:
          - sethostname
          - setdomainname
          syscall_grouping:
          - sethostname
          - setdomainname
    
      - name: Check existence of sethostname, setdomainname in /etc/audit/audit.rules
        find:
          paths: /etc/audit
          contains: -a always,exit -F arch=b64(( -S |,)\w+)*(( -S |,){{ item }})+(( -S
            |,)\w+)* (-k\s+|-F\s+key=)\S+\s*$
          patterns: audit.rules
        register: find_command
        loop: '{{ (syscall_grouping + syscalls) | unique }}'
    
      - name: Set path to /etc/audit/audit.rules
        set_fact: audit_file="/etc/audit/audit.rules"
    
      - name: Declare found syscalls
        set_fact: syscalls_found="{{ find_command.results | selectattr('matched') | map(attribute='item')
          | list }}"
    
      - name: Declare missing syscalls
        set_fact: missing_syscalls="{{ syscalls | difference(syscalls_found) }}"
    
      - name: Replace the audit rule in {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          regexp: (-a always,exit -F arch=b64)(?=.*(?:(?:-S |,)(?:{{ syscalls_found |
            join("|") }}))\b)((?:( -S |,)\w+)+)( (?:-k |-F key=)\w+)
          line: \1\2\3{{ missing_syscalls | join("\3") }}\4
          backrefs: true
          state: present
        when: syscalls_found | length > 0 and missing_syscalls | length > 0
    
      - name: Add the audit rule to {{ audit_file }}
        lineinfile:
          path: '{{ audit_file }}'
          line: -a always,exit -F arch=b64 -S {{ syscalls | join(',') }} -F key=audit_rules_networkconfig_modification
          create: true
          mode: o-rwx
          state: present
        when: syscalls_found | length == 0
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - audit_arch == "b64"
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/issue already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/issue\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key audit_rules_networkconfig_modification
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)audit_rules_networkconfig_modification$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/audit_rules_networkconfig_modification.rules as the
        recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/audit_rules_networkconfig_modification.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/issue in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/issue -p wa -k audit_rules_networkconfig_modification
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/issue already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/issue\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/issue in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/issue -p wa -k audit_rules_networkconfig_modification
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/issue.net already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/issue.net\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key audit_rules_networkconfig_modification
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)audit_rules_networkconfig_modification$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/audit_rules_networkconfig_modification.rules as the
        recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/audit_rules_networkconfig_modification.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/issue.net in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/issue.net -p wa -k audit_rules_networkconfig_modification
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/issue.net already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/issue.net\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/issue.net in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/issue.net -p wa -k audit_rules_networkconfig_modification
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/hosts already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/hosts\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key audit_rules_networkconfig_modification
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)audit_rules_networkconfig_modification$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/audit_rules_networkconfig_modification.rules as the
        recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/audit_rules_networkconfig_modification.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/hosts in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/hosts -p wa -k audit_rules_networkconfig_modification
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/hosts already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/hosts\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/hosts in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/hosts -p wa -k audit_rules_networkconfig_modification
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/sysconfig/network already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/sysconfig/network\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key audit_rules_networkconfig_modification
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)audit_rules_networkconfig_modification$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/audit_rules_networkconfig_modification.rules as the
        recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/audit_rules_networkconfig_modification.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/sysconfig/network in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/sysconfig/network already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/sysconfig/network\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/sysconfig/network in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83706-2
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.5.5
      - PCI-DSSv4-10.3.4
      - audit_rules_networkconfig_modification
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit /etc/issue augenrules  oval:ssg-test_arnm_etc_issue_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_issue_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/issue[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/issue.net augenrules  oval:ssg-test_arnm_etc_issue_net_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_issue_net_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/issue\.net[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/hosts augenrules  oval:ssg-test_arnm_etc_hosts_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_hosts_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/hosts[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/sysconfig/network augenrules  oval:ssg-test_arnm_etc_sysconfig_network_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_sysconfig_network_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/sysconfig/network[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit sethostname  oval:ssg-test_32bit_ardm_sethostname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_sethostname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit sethostname  oval:ssg-test_64bit_ardm_sethostname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_sethostname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit sethostname  oval:ssg-test_32bit_ardm_sethostname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_sethostname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit sethostname  oval:ssg-test_64bit_ardm_sethostname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_sethostname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit setdomainname  oval:ssg-test_32bit_ardm_setdomainname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_setdomainname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit setdomainname  oval:ssg-test_64bit_ardm_setdomainname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_setdomainname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit setdomainname  oval:ssg-test_32bit_ardm_setdomainname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_setdomainname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit setdomainname  oval:ssg-test_64bit_ardm_setdomainname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_setdomainname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit /etc/issue auditctl  oval:ssg-test_arnm_etc_issue_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_issue_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/issue[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/issue.net auditctl  oval:ssg-test_arnm_etc_issue_net_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_issue_net_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/issue\.net[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/hosts auditctl  oval:ssg-test_arnm_etc_hosts_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_hosts_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/hosts[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/sysconfig/network auditctl  oval:ssg-test_arnm_etc_sysconfig_network_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_arnm_etc_sysconfig_network_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/sysconfig/network[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit sethostname  oval:ssg-test_32bit_ardm_sethostname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_sethostname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit sethostname  oval:ssg-test_64bit_ardm_sethostname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_sethostname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit sethostname  oval:ssg-test_32bit_ardm_sethostname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_sethostname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit sethostname  oval:ssg-test_64bit_ardm_sethostname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_sethostname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+sethostname[\s]+|([\s]+|[,])sethostname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules 32-bit setdomainname  oval:ssg-test_32bit_ardm_setdomainname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_setdomainname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit augenrules 64-bit setdomainname  oval:ssg-test_64bit_ardm_setdomainname_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_setdomainname_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl 32-bit setdomainname  oval:ssg-test_32bit_ardm_setdomainname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_32bit_ardm_setdomainname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b32[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

audit auditctl 64-bit setdomainname  oval:ssg-test_64bit_ardm_setdomainname_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_64bit_ardm_setdomainname_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^[\s]*-a[\s]+always,exit[\s]+(?:.*-F[\s]+arch=b64[\s]+)(?:.*(-S[\s]+setdomainname[\s]+|([\s]+|[,])setdomainname([\s]+|[,]))).*(-k[\s]+|-F[\s]+key=)[\S]+[\s]*$1
Ensure auditd Collects System Administrator Actionsxccdf_org.ssgproject.content_rule_audit_rules_sysadmin_actions mediumCCE-83729-4

Ensure auditd Collects System Administrator Actions

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_sysadmin_actions
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_sysadmin_actions:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83729-4

References:  BP28(R73), A.3.SEC-RHEL7, 1, 11, 12, 13, 14, 15, 16, 18, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, DSS06.03, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000126, CCI-000130, CCI-000135, CCI-000169, CCI-000172, CCI-002884, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.2.3.10, 4.3.2.6.7, 4.3.3.2.2, 4.3.3.3.9, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.8, 4.3.3.6.6, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.1, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.1.2, A.6.2.1, A.6.2.2, A.7.1.1, A.9.1.2, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.1, A.9.4.2, A.9.4.3, A.9.4.4, A.9.4.5, AC-2(7)(b), AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-1, PR.AC-3, PR.AC-4, PR.AC-6, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, FAU_GEN.1.1.c, Req-10.2.2, Req-10.2.5.b, 10.2.1.5, 10.2.2, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000062-GPOS-00031, SRG-OS-000304-GPOS-00121, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000470-GPOS-00214, SRG-OS-000471-GPOS-00215, SRG-OS-000239-GPOS-00089, SRG-OS-000240-GPOS-00090, SRG-OS-000241-GPOS-00091, SRG-OS-000303-GPOS-00120, SRG-OS-000304-GPOS-00121, SRG-OS-000466-GPOS-00210, SRG-OS-000476-GPOS-00221, SRG-APP-000026-CTR-000070, SRG-APP-000027-CTR-000075, SRG-APP-000028-CTR-000080, SRG-APP-000291-CTR-000675, SRG-APP-000292-CTR-000680, SRG-APP-000293-CTR-000685, SRG-APP-000294-CTR-000690, SRG-APP-000319-CTR-000745, SRG-APP-000320-CTR-000750, SRG-APP-000509-CTR-001305, 4.1.3.1

Description
At a minimum, the audit system should collect administrator actions for all users and root. If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following line to a file with suffix .rules in the directory /etc/audit/rules.d:
-w /etc/sudoers -p wa -k actions
    -w /etc/sudoers.d/ -p wa -k actions
If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following line to /etc/audit/audit.rules file:
-w /etc/sudoers -p wa -k actions
    -w /etc/sudoers.d/ -p wa -k actions
Rationale
The actions taken by system administrators should be audited to keep a record of what was executed on the system, as well as, for accountability purposes.

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/sudoers" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/sudoers $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/sudoers$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/sudoers -p wa -k actions" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/actions.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/sudoers" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/actions.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/actions.rules"
        # If the actions.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/sudoers" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/sudoers $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/sudoers$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/sudoers -p wa -k actions" >> "$audit_rules_file"
        fi
    done
    
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/sudoers.d/" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/sudoers.d/ $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/sudoers.d/$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/sudoers.d/ -p wa -k actions" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/actions.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/sudoers.d/" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/actions.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/actions.rules"
        # If the actions.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/sudoers.d/" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/sudoers.d/ $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/sudoers.d/$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/sudoers.d/ -p wa -k actions" >> "$audit_rules_file"
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/sudoers already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/sudoers\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key actions
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)actions$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/actions.rules as the recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/actions.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/sudoers in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/sudoers -p wa -k actions
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/sudoers already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/sudoers\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/sudoers in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/sudoers -p wa -k actions
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/sudoers.d/ already exists in /etc/audit/rules.d/
      find:
        paths: /etc/audit/rules.d
        contains: ^\s*-w\s+/etc/sudoers.d/\s+-p\s+wa(\s|$)+
        patterns: '*.rules'
      register: find_existing_watch_rules_d
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Search /etc/audit/rules.d for other rules with specified key actions
      find:
        paths: /etc/audit/rules.d
        contains: ^.*(?:-F key=|-k\s+)actions$
        patterns: '*.rules'
      register: find_watch_key
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use /etc/audit/rules.d/actions.rules as the recipient for the rule
      set_fact:
        all_files:
        - /etc/audit/rules.d/actions.rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched == 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Use matched file as the recipient for the rule
      set_fact:
        all_files:
        - '{{ find_watch_key.files | map(attribute=''path'') | list | first }}'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_watch_key.matched is defined and find_watch_key.matched > 0 and find_existing_watch_rules_d.matched
        is defined and find_existing_watch_rules_d.matched == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/sudoers.d/ in /etc/audit/rules.d/
      lineinfile:
        path: '{{ all_files[0] }}'
        line: -w /etc/sudoers.d/ -p wa -k actions
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_rules_d.matched is defined and find_existing_watch_rules_d.matched
        == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Check if watch rule for /etc/sudoers.d/ already exists in /etc/audit/audit.rules
      find:
        paths: /etc/audit/
        contains: ^\s*-w\s+/etc/sudoers.d/\s+-p\s+wa(\s|$)+
        patterns: audit.rules
      register: find_existing_watch_audit_rules
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Add watch rule for /etc/sudoers.d/ in /etc/audit/audit.rules
      lineinfile:
        line: -w /etc/sudoers.d/ -p wa -k actions
        state: present
        dest: /etc/audit/audit.rules
        create: true
        mode: '0640'
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - find_existing_watch_audit_rules.matched is defined and find_existing_watch_audit_rules.matched
        == 0
      tags:
      - CCE-83729-4
      - CJIS-5.4.1.1
      - NIST-800-171-3.1.7
      - NIST-800-53-AC-2(7)(b)
      - NIST-800-53-AC-6(9)
      - NIST-800-53-AU-12(c)
      - NIST-800-53-AU-2(d)
      - NIST-800-53-CM-6(a)
      - PCI-DSS-Req-10.2.2
      - PCI-DSS-Req-10.2.5.b
      - PCI-DSSv4-10.2.1.5
      - PCI-DSSv4-10.2.2
      - audit_rules_sysadmin_actions
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ -w%20/etc/sudoers.d/%20-p%20wa%20-k%20actions%0A-w%20/etc/sudoers%20-p%20wa%20-k%20actions%0A }}
            mode: 0600
            path: /etc/audit/rules.d/75-audit-sysadmin-actions.rules
            overwrite: true
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules sudoers  oval:ssg-test_audit_rules_sysadmin_actions_sudoers_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_sysadmin_actions_sudoers_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/sudoers[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules sudoers  oval:ssg-test_audit_rules_sysadmin_actions_sudoers_d_augenrules:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_sysadmin_actions_sudoers_d_augenrules:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/sudoers\.d/[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit auditctl sudoers  oval:ssg-test_audit_rules_sysadmin_actions_sudoers_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_sysadmin_actions_sudoers_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/sudoers[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit auditctl sudoers  oval:ssg-test_audit_rules_sysadmin_actions_sudoers_d_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_sysadmin_actions_sudoers_d_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/sudoers\.d/[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1
Record Events that Modify User/Group Informationxccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification mediumCCE-83715-3

Record Events that Modify User/Group Information

Rule IDxccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-audit_rules_usergroup_modification:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83715-3

References:  1, 11, 12, 13, 14, 15, 16, 18, 19, 2, 3, 4, 5, 6, 7, 8, 9, 5.4.1.1, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO12.06, APO13.01, BAI03.05, BAI08.02, DSS01.03, DSS01.04, DSS02.02, DSS02.04, DSS02.07, DSS03.01, DSS03.05, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, DSS06.03, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.1.7, CCI-000018, CCI-000130, CCI-000172, CCI-001403, CCI-002130, 4.2.3.10, 4.3.2.6.7, 4.3.3.2.2, 4.3.3.3.9, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.8, 4.3.3.6.6, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.4.7, 4.3.4.5.6, 4.3.4.5.7, 4.3.4.5.8, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 1.1, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.10, SR 2.11, SR 2.12, SR 2.6, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 6.1, SR 6.2, SR 7.1, SR 7.6, A.11.2.6, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.7, A.15.2.1, A.15.2.2, A.16.1.4, A.16.1.5, A.16.1.7, A.6.1.2, A.6.2.1, A.6.2.2, A.7.1.1, A.9.1.2, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.1, A.9.4.2, A.9.4.3, A.9.4.4, A.9.4.5, CIP-004-6 R2.2.2, CIP-004-6 R2.2.3, CIP-007-3 R.1.3, CIP-007-3 R5, CIP-007-3 R5.1.1, CIP-007-3 R5.1.3, CIP-007-3 R5.2.1, CIP-007-3 R5.2.3, AC-2(4), AU-2(d), AU-12(c), AC-6(9), CM-6(a), DE.AE-3, DE.AE-5, DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.AC-1, PR.AC-3, PR.AC-4, PR.AC-6, PR.PT-1, PR.PT-4, RS.AN-1, RS.AN-4, Req-10.2.5, 10.2.1.5, SRG-OS-000004-GPOS-00004, SRG-OS-000037-GPOS-00015, SRG-OS-000042-GPOS-00020, SRG-OS-000239-GPOS-00089, SRG-OS-000241-GPOS-00090, SRG-OS-000241-GPOS-00091, SRG-OS-000303-GPOS-00120, SRG-OS-000392-GPOS-00172, SRG-OS-000462-GPOS-00206, SRG-OS-000471-GPOS-00215, SRG-OS-000476-GPOS-00221, SRG-APP-000026-CTR-000070, SRG-APP-000027-CTR-000075, SRG-APP-000028-CTR-000080, SRG-APP-000291-CTR-000675, SRG-APP-000292-CTR-000680, SRG-APP-000293-CTR-000685, SRG-APP-000294-CTR-000690, SRG-APP-000319-CTR-000745, SRG-APP-000320-CTR-000750, SRG-APP-000509-CTR-001305

Description
If the auditd daemon is configured to use the augenrules program to read audit rules during daemon startup (the default), add the following lines to a file with suffix .rules in the directory /etc/audit/rules.d, in order to capture events that modify account changes:
-w /etc/group -p wa -k audit_rules_usergroup_modification
    -w /etc/passwd -p wa -k audit_rules_usergroup_modification
    -w /etc/gshadow -p wa -k audit_rules_usergroup_modification
    -w /etc/shadow -p wa -k audit_rules_usergroup_modification
    -w /etc/security/opasswd -p wa -k audit_rules_usergroup_modification

If the auditd daemon is configured to use the auditctl utility to read audit rules during daemon startup, add the following lines to /etc/audit/audit.rules file, in order to capture events that modify account changes:
-w /etc/group -p wa -k audit_rules_usergroup_modification
    -w /etc/passwd -p wa -k audit_rules_usergroup_modification
    -w /etc/gshadow -p wa -k audit_rules_usergroup_modification
    -w /etc/shadow -p wa -k audit_rules_usergroup_modification
    -w /etc/security/opasswd -p wa -k audit_rules_usergroup_modification
Rationale
In addition to auditing new user and group accounts, these watches will alert the system administrator(s) to any modifications. Any unexpected users, groups, or modifications should be investigated for legitimacy.
Warnings
warning  This rule checks for multiple syscalls related to account changes; it was written with DISA STIG in mind. Other policies should use a separate rule for each syscall that needs to be checked. For example:
  • audit_rules_usergroup_modification_group
  • audit_rules_usergroup_modification_gshadow
  • audit_rules_usergroup_modification_passwd

# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    # Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/group" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/group $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/group$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/group -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/group" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_usergroup_modification.rules"
        # If the audit_rules_usergroup_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/group" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/group $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/group$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/group -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/passwd" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/passwd $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/passwd$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/passwd -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/passwd" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_usergroup_modification.rules"
        # If the audit_rules_usergroup_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/passwd" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/passwd $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/passwd$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/passwd -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/gshadow" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/gshadow $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/gshadow$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/gshadow -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/gshadow" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_usergroup_modification.rules"
        # If the audit_rules_usergroup_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/gshadow" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/gshadow $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/gshadow$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/gshadow -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/shadow" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/shadow $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/shadow$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/shadow -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/shadow" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_usergroup_modification.rules"
        # If the audit_rules_usergroup_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/shadow" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/shadow $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/shadow$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/shadow -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    
    # If the audit tool is 'auditctl', then add '/etc/audit/audit.rules'
    # into the list of files to be inspected
    files_to_inspect+=('/etc/audit/audit.rules')
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/security/opasswd" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/security/opasswd $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/security/opasswd$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/security/opasswd -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    # Create a list of audit *.rules files that should be inspected for presence and correctness
    # of a particular audit rule. The scheme is as follows:
    #
    # -----------------------------------------------------------------------------------------
    # Tool used to load audit rules	| Rule already defined	|  Audit rules file to inspect	  |
    # -----------------------------------------------------------------------------------------
    #	auditctl		|     Doesn't matter	|  /etc/audit/audit.rules	  |
    # -----------------------------------------------------------------------------------------
    # 	augenrules		|          Yes		|  /etc/audit/rules.d/*.rules	  |
    # 	augenrules		|          No		|  /etc/audit/rules.d/$key.rules  |
    # -----------------------------------------------------------------------------------------
    files_to_inspect=()
    
    # If the audit is 'augenrules', then check if rule is already defined
    # If rule is defined, add '/etc/audit/rules.d/*.rules' to list of files for inspection.
    # If rule isn't defined, add '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' to list of files for inspection.
    readarray -t matches < <(grep -HP "[\s]*-w[\s]+/etc/security/opasswd" /etc/audit/rules.d/*.rules)
    
    # For each of the matched entries
    for match in "${matches[@]}"
    do
        # Extract filepath from the match
        rulesd_audit_file=$(echo $match | cut -f1 -d ':')
        # Append that path into list of files for inspection
        files_to_inspect+=("$rulesd_audit_file")
    done
    # Case when particular audit rule isn't defined yet
    if [ "${#files_to_inspect[@]}" -eq "0" ]
    then
        # Append '/etc/audit/rules.d/audit_rules_usergroup_modification.rules' into list of files for inspection
        key_rule_file="/etc/audit/rules.d/audit_rules_usergroup_modification.rules"
        # If the audit_rules_usergroup_modification.rules file doesn't exist yet, create it with correct permissions
        if [ ! -e "$key_rule_file" ]
        then
            touch "$key_rule_file"
            chmod 0640 "$key_rule_file"
        fi
        files_to_inspect+=("$key_rule_file")
    fi
    
    # Finally perform the inspection and possible subsequent audit rule
    # correction for each of the files previously identified for inspection
    for audit_rules_file in "${files_to_inspect[@]}"
    do
        # Check if audit watch file system object rule for given path already present
        if grep -q -P -- "^[\s]*-w[\s]+/etc/security/opasswd" "$audit_rules_file"
        then
            # Rule is found => verify yet if existing rule definition contains
            # all of the required access type bits
    
            # Define BRE whitespace class shortcut
            sp="[[:space:]]"
            # Extract current permission access types (e.g. -p [r|w|x|a] values) from audit rule
            current_access_bits=$(sed -ne "s#$sp*-w$sp\+/etc/security/opasswd $sp\+-p$sp\+\([rxwa]\{1,4\}\).*#\1#p" "$audit_rules_file")
            # Split required access bits string into characters array
            # (to check bit's presence for one bit at a time)
            for access_bit in $(echo "wa" | grep -o .)
            do
                # For each from the required access bits (e.g. 'w', 'a') check
                # if they are already present in current access bits for rule.
                # If not, append that bit at the end
                if ! grep -q "$access_bit" <<< "$current_access_bits"
                then
                    # Concatenate the existing mask with the missing bit
                    current_access_bits="$current_access_bits$access_bit"
                fi
            done
            # Propagate the updated rule's access bits (original + the required
            # ones) back into the /etc/audit/audit.rules file for that rule
            sed -i "s#\($sp*-w$sp\+/etc/security/opasswd$sp\+-p$sp\+\)\([rxwa]\{1,4\}\)\(.*\)#\1$current_access_bits\3#" "$audit_rules_file"
        else
            # Rule isn't present yet. Append it at the end of $audit_rules_file file
            # with proper key
    
            echo "-w /etc/security/opasswd -p wa -k audit_rules_usergroup_modification" >> "$audit_rules_file"
        fi
    done
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    
OVAL test results details

audit augenrules  oval:ssg-test_audit_rules_augenrules:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/systemd/system/auditd.serviceExecStartPost=-/sbin/augenrules --load

audit augenrules /etc/group  oval:ssg-test_audit_rules_usergroup_modification_etc_group_augen:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_group_augen:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/group[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules /etc/passwd  oval:ssg-test_audit_rules_usergroup_modification_etc_passwd_augen:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_passwd_augen:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/passwd[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules /etc/gshadow  oval:ssg-test_audit_rules_usergroup_modification_etc_gshadow_augen:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_gshadow_augen:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/gshadow[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules /etc/shadow  oval:ssg-test_audit_rules_usergroup_modification_etc_shadow_augen:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_shadow_augen:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/shadow[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit augenrules /etc/security/opasswd  oval:ssg-test_audit_rules_usergroup_modification_etc_security_opasswd_augen:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_security_opasswd_augen:obj:1 of type textfilecontent54_object
FilepathPatternInstance
^/etc/audit/rules\.d/.*\.rules$^\-w[\s]+/etc/security/opasswd[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit auditctl  oval:ssg-test_audit_rules_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/usr/lib/systemd/system/auditd.service^ExecStartPost=\-\/sbin\/auditctl.*$1

audit /etc/group  oval:ssg-test_audit_rules_usergroup_modification_etc_group_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_group_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/group[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/passwd  oval:ssg-test_audit_rules_usergroup_modification_etc_passwd_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_passwd_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/passwd[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/gshadow  oval:ssg-test_audit_rules_usergroup_modification_etc_gshadow_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_gshadow_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/gshadow[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/shadow  oval:ssg-test_audit_rules_usergroup_modification_etc_shadow_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_shadow_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/shadow[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1

audit /etc/security/opasswd  oval:ssg-test_audit_rules_usergroup_modification_etc_security_opasswd_auditctl:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_audit_rules_usergroup_modification_etc_security_opasswd_auditctl:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/audit/audit.rules^\-w[\s]+/etc/security/opasswd[\s]+\-p[\s]+\b([rx]*w[rx]*a[rx]*|[rx]*a[rx]*w[rx]*)\b.*$1
Configure auditd flush priorityxccdf_org.ssgproject.content_rule_auditd_data_retention_flush mediumCCE-83685-8

Configure auditd flush priority

Rule IDxccdf_org.ssgproject.content_rule_auditd_data_retention_flush
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-auditd_data_retention_flush:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83685-8

References:  1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 7, 8, 9, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, BAI03.05, DSS01.03, DSS03.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, 3.3.1, CCI-001576, 164.308(a)(1)(ii)(D), 164.308(a)(3)(ii)(A), 164.308(a)(5)(ii)(C), 164.312(a)(2)(i), 164.312(b), 164.312(d), 164.312(e), 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 6.1, SR 6.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.14.2.7, A.15.2.1, A.15.2.2, CIP-004-6 R2.2.3, CIP-004-6 R3.3, CIP-007-3 R5.2, CIP-007-3 R5.3.1, CIP-007-3 R5.3.2, CIP-007-3 R5.3.3, CIP-007-3 R6.5, AU-11, CM-6(a), DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.PT-1, SRG-OS-000480-GPOS-00227

Description
The auditd service can be configured to synchronously write audit event data to disk. Add or correct the following line in /etc/audit/auditd.conf to ensure that audit event data is fully synchronized with the log files on the disk:
flush = incremental_async
Rationale
Audit data should be synchronously written to disk to ensure log integrity. These parameters assure that all audit event data is fully synchronized with the log files on the disk.
OVAL test results details

test the value of flush parameter in /etc/audit/auditd.conf  oval:ssg-test_auditd_data_retention_flush:tst:1  true

Following items have been found on the system:
PathContent
/etc/audit/auditd.confflush = INCREMENTAL_ASYNC
Set number of records to cause an explicit flush to audit logsxccdf_org.ssgproject.content_rule_auditd_freq mediumCCE-83704-7

Set number of records to cause an explicit flush to audit logs

Rule IDxccdf_org.ssgproject.content_rule_auditd_freq
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-auditd_freq:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83704-7

References:  CM-6, FAU_GEN.1, SRG-OS-000051-GPOS-00024, RHEL-09-653095, SV-258168r926491_rule

Description
To configure Audit daemon to issue an explicit flush to disk command after writing 50 records, set freq to 50 in /etc/audit/auditd.conf.
Rationale
If option freq isn't set to 50, the flush to disk may happen after higher number of records, increasing the danger of audit loss.
OVAL test results details

tests the value of freq setting in the /etc/audit/auditd.conf file  oval:ssg-test_auditd_freq:tst:1  true

Following items have been found on the system:
PathContent
/etc/audit/auditd.conffreq = 50
Include Local Events in Audit Logsxccdf_org.ssgproject.content_rule_auditd_local_events mediumCCE-83682-5

Include Local Events in Audit Logs

Rule IDxccdf_org.ssgproject.content_rule_auditd_local_events
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-auditd_local_events:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83682-5

References:  CCI-000366, CM-6, FAU_GEN.1, SRG-OS-000062-GPOS-00031, SRG-OS-000480-GPOS-00227, RHEL-09-653075, SV-258164r926479_rule

Description
To configure Audit daemon to include local events in Audit logs, set local_events to yes in /etc/audit/auditd.conf. This is the default setting.
Rationale
If option local_events isn't set to yes only events from network will be aggregated.
OVAL test results details

tests the value of local_events setting in the /etc/audit/auditd.conf file  oval:ssg-test_auditd_local_events:tst:1  true

Following items have been found on the system:
PathContent
/etc/audit/auditd.conflocal_events = yes
Resolve information before writing to audit logsxccdf_org.ssgproject.content_rule_auditd_log_format lowCCE-83696-5

Resolve information before writing to audit logs

Rule IDxccdf_org.ssgproject.content_rule_auditd_log_format
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-auditd_log_format:def:1
Time2024-02-25T14:39:36+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-83696-5

References:  CCI-000366, CM-6, AU-3, FAU_GEN.1.2, SRG-OS-000255-GPOS-00096, SRG-OS-000480-GPOS-00227, RHEL-09-653100, SV-258169r926494_rule

Description
To configure Audit daemon to resolve all uid, gid, syscall, architecture, and socket address information before writing the events to disk, set log_format to ENRICHED in /etc/audit/auditd.conf.
Rationale
If option log_format isn't set to ENRICHED, the audit records will be stored in a format exactly as the kernel sends them.
OVAL test results details

tests the value of log_format setting in the /etc/audit/auditd.conf file  oval:ssg-test_auditd_log_format:tst:1  true

Following items have been found on the system:
PathContent
/etc/audit/auditd.conflog_format = ENRICHED
Set type of computer node name logging in audit logsxccdf_org.ssgproject.content_rule_auditd_name_format mediumCCE-83686-6

Set type of computer node name logging in audit logs

Rule IDxccdf_org.ssgproject.content_rule_auditd_name_format
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-auditd_name_format:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83686-6

References:  CCI-001851, CM-6, AU-3, FAU_GEN.1.2, SRG-OS-000039-GPOS-00017, SRG-OS-000342-GPOS-00133, SRG-OS-000479-GPOS-00224, RHEL-09-653060, SV-258161r926470_rule

Description
To configure Audit daemon to use a unique identifier as computer node name in the audit events, set name_format to hostname in /etc/audit/auditd.conf.
Rationale
If option name_format is left at its default value of none, audit events from different computers may be hard to distinguish.
Warnings
warning  Whenever the variable
var_auditd_name_format
uses a multiple value option, for example
A|B|C
, the first value will be used when remediating this rule.

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q audit; then
    
    var_auditd_name_format='hostname'
    
    
    var_auditd_name_format="$(echo $var_auditd_name_format | cut -d \| -f 1)"
    
    if [ -e "/etc/audit/auditd.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*name_format\s*=\s*/Id" "/etc/audit/auditd.conf"
    else
        touch "/etc/audit/auditd.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/audit/auditd.conf"
    
    cp "/etc/audit/auditd.conf" "/etc/audit/auditd.conf.bak"
    # Insert at the end of the file
    printf '%s\n' "name_format = $var_auditd_name_format" >> "/etc/audit/auditd.conf"
    # Clean up after ourselves.
    rm "/etc/audit/auditd.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Gather the package facts
      package_facts:
        manager: auto
      tags:
      - CCE-83686-6
      - DISA-STIG-RHEL-09-653060
      - NIST-800-53-AU-3
      - NIST-800-53-CM-6
      - auditd_name_format
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    - name: XCCDF Value var_auditd_name_format # promote to variable
      set_fact:
        var_auditd_name_format: !!str hostname
      tags:
        - always
    
    - name: Set type of computer node name logging in audit logs - Define Value to Be
        Used in the Remediation
      ansible.builtin.set_fact: auditd_name_format_split="{{ var_auditd_name_format.split('|')[0]
        }}"
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83686-6
      - DISA-STIG-RHEL-09-653060
      - NIST-800-53-AU-3
      - NIST-800-53-CM-6
      - auditd_name_format
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    
    - name: Set type of computer node name logging in audit logs
      block:
    
      - name: Check for duplicate values
        lineinfile:
          path: /etc/audit/auditd.conf
          create: false
          regexp: (?i)^\s*name_format\s*=\s*
          state: absent
        check_mode: true
        changed_when: false
        register: dupes
    
      - name: Deduplicate values from /etc/audit/auditd.conf
        lineinfile:
          path: /etc/audit/auditd.conf
          create: false
          regexp: (?i)^\s*name_format\s*=\s*
          state: absent
        when: dupes.found is defined and dupes.found > 1
    
      - name: Insert correct line to /etc/audit/auditd.conf
        lineinfile:
          path: /etc/audit/auditd.conf
          create: true
          regexp: (?i)^\s*name_format\s*=\s*
          line: name_format = {{ auditd_name_format_split }}
          state: present
      when:
      - '"audit" in ansible_facts.packages'
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83686-6
      - DISA-STIG-RHEL-09-653060
      - NIST-800-53-AU-3
      - NIST-800-53-CM-6
      - auditd_name_format
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
    

Complexity:low
Disruption:low
Reboot:true
Strategy:restrict
---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,{{ %23%0A%23%20This%20file%20controls%20the%20configuration%20of%20the%20audit%20daemon%0A%23%0A%0Alocal_events%20%3D%20yes%0Awrite_logs%20%3D%20yes%0Alog_file%20%3D%20/var/log/audit/audit.log%0Alog_group%20%3D%20root%0Alog_format%20%3D%20ENRICHED%0Aflush%20%3D%20%7B%7B.var_auditd_flush%7D%7D%0Afreq%20%3D%2050%0Amax_log_file%20%3D%20%7B%7B.var_auditd_max_log_file%7D%7D%0Anum_logs%20%3D%20%7B%7B.var_auditd_num_logs%7D%7D%0Apriority_boost%20%3D%204%0Aname_format%20%3D%20hostname%0A%23%23name%20%3D%20mydomain%0Amax_log_file_action%20%3D%20%7B%7B.var_auditd_max_log_file_action%7D%7D%0Aspace_left%20%3D%20%7B%7B.var_auditd_space_left%7D%7D%0Aspace_left_action%20%3D%20%7B%7B.var_auditd_space_left_action%7D%7D%0Averify_email%20%3D%20yes%0Aaction_mail_acct%20%3D%20%7B%7B.var_auditd_action_mail_acct%7D%7D%0Aadmin_space_left%20%3D%2050%0Aadmin_space_left_action%20%3D%20syslog%0Adisk_full_action%20%3D%20%7B%7B.var_auditd_disk_full_action%7D%7D%0Adisk_error_action%20%3D%20%7B%7B.var_auditd_disk_error_action%7D%7D%0Ause_libwrap%20%3D%20yes%0A%23%23tcp_listen_port%20%3D%2060%0Atcp_listen_queue%20%3D%205%0Atcp_max_per_addr%20%3D%201%0A%23%23tcp_client_ports%20%3D%201024-65535%0Atcp_client_max_idle%20%3D%200%0Atransport%20%3D%20TCP%0Akrb5_principal%20%3D%20auditd%0A%23%23krb5_key_file%20%3D%20/etc/audit/audit.key%0Adistribute_network%20%3D%20no%0Aq_depth%20%3D%20400%0Aoverflow_action%20%3D%20syslog%0Amax_restarts%20%3D%2010%0Aplugin_dir%20%3D%20/etc/audit/plugins.d }}
            mode: 0640
            path: /etc/audit/auditd.conf
            overwrite: true
    
OVAL test results details

tests the value of name_format setting in the /etc/audit/auditd.conf file  oval:ssg-test_auditd_name_format:tst:1  false

Following items have been found on the system:
PathContent
/etc/audit/auditd.confname_format = NONE
Write Audit Logs to the Diskxccdf_org.ssgproject.content_rule_auditd_write_logs mediumCCE-83705-4

Write Audit Logs to the Disk

Rule IDxccdf_org.ssgproject.content_rule_auditd_write_logs
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-auditd_write_logs:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83705-4

References:  CM-6, FAU_STG.1, SRG-OS-000480-GPOS-00227, RHEL-09-653105, SV-258170r926497_rule

Description
To configure Audit daemon to write Audit logs to the disk, set write_logs to yes in /etc/audit/auditd.conf. This is the default setting.
Rationale
If write_logs isn't set to yes, the Audit logs will not be written to the disk.
OVAL test results details

tests the value of write_logs setting in the /etc/audit/auditd.conf file  oval:ssg-test_auditd_write_logs:tst:1  true

Following items have been found on the system:
PathContent
/etc/audit/auditd.confwrite_logs = yes

tests the absence of write_logs setting in the /etc/audit/auditd.conf file  oval:ssg-test_auditd_write_logs_default_not_overriden:tst:1  false

Following items have been found on the system:
PathContent
/etc/audit/auditd.confwrite_logs =
Ensure rsyslog is Installedxccdf_org.ssgproject.content_rule_package_rsyslog_installed mediumCCE-84063-7

Ensure rsyslog is Installed

Rule IDxccdf_org.ssgproject.content_rule_package_rsyslog_installed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_rsyslog_installed:def:1
Time2024-02-25T14:39:36+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84063-7

References:  1, 14, 15, 16, 3, 5, 6, APO11.04, BAI03.05, DSS05.04, DSS05.07, MEA02.01, CCI-001311, CCI-001312, CCI-000366, 164.312(a)(2)(ii), 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, CM-6(a), PR.PT-1, FTP_ITC_EXT.1.1, SRG-OS-000479-GPOS-00224, SRG-OS-000051-GPOS-00024, SRG-OS-000480-GPOS-00227, RHEL-09-652010, 4.2.1.1, SV-258140r926407_rule

Description
Rsyslog is installed by default. The rsyslog package can be installed with the following command:
 $ sudo dnf install rsyslog
Rationale
The rsyslog package provides the rsyslog daemon, which provides system logging services.
OVAL test results details

package rsyslog is installed  oval:ssg-test_package_rsyslog_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslogaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-0:8.2102.0-117.el9.aarch64
Enable rsyslog Servicexccdf_org.ssgproject.content_rule_service_rsyslog_enabled mediumCCE-83989-4

Enable rsyslog Service

Rule IDxccdf_org.ssgproject.content_rule_service_rsyslog_enabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-service_rsyslog_enabled:def:1
Time2024-02-25T14:39:37+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83989-4

References:  1, 12, 13, 14, 15, 16, 2, 3, 5, 6, 7, 8, 9, APO10.01, APO10.03, APO10.04, APO10.05, APO11.04, APO13.01, BAI03.05, BAI04.04, DSS01.03, DSS03.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, MEA01.01, MEA01.02, MEA01.03, MEA01.04, MEA01.05, MEA02.01, CCI-001311, CCI-001312, CCI-001557, CCI-001851, CCI-000366, 164.312(a)(2)(ii), 4.3.2.6.7, 4.3.3.3.9, 4.3.3.5.8, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, SR 2.10, SR 2.11, SR 2.12, SR 2.8, SR 2.9, SR 6.1, SR 6.2, SR 7.1, SR 7.2, A.12.1.3, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.14.2.7, A.15.2.1, A.15.2.2, A.17.2.1, CM-6(a), AU-4(1), DE.CM-1, DE.CM-3, DE.CM-7, ID.SC-4, PR.DS-4, PR.PT-1, SRG-OS-000480-GPOS-00227, RHEL-09-652020, 4.2.1.2, SV-258142r926413_rule

Description
The rsyslog service provides syslog-style logging by default on Red Hat Enterprise Linux 9. The rsyslog service can be enabled with the following command:
$ sudo systemctl enable rsyslog.service
Rationale
The rsyslog service must be running in order to provide logging services, which are essential to system administration.
OVAL test results details

package rsyslog is installed  oval:ssg-test_service_rsyslog_package_rsyslog_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
rsyslogaarch64(none)117.el98.2102.00:8.2102.0-117.el9199e2f91fd431d51rsyslog-0:8.2102.0-117.el9.aarch64

Test that the rsyslog service is running  oval:ssg-test_service_running_rsyslog:tst:1  true

Following items have been found on the system:
UnitPropertyValue
rsyslog.serviceActiveStateactive

systemd test  oval:ssg-test_multi_user_wants_rsyslog:tst:1  true

Following items have been found on the system:
UnitDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependency
multi-user.targetbasic.target-.mountsysinit.targetsystemd-machine-id-commit.servicelvm2-monitor.servicesystemd-update-done.serviceveritysetup.targetplymouth-read-write.servicesystemd-pcrphase.servicesystemd-sysctl.servicesystemd-update-utmp.servicenis-domainname.servicesystemd-hwdb-update.serviceproc-sys-fs-binfmt_misc.automountcryptsetup.targetsystemd-tmpfiles-setup-dev.servicesystemd-journald.servicesystemd-modules-load.serviceswap.targetdev-mapper-rhel\x2dswap.swapkmod-static-nodes.servicesys-fs-fuse-connections.mountsystemd-random-seed.serviceintegritysetup.targetsystemd-boot-update.servicesystemd-network-generator.serviceiscsi-onboot.servicesystemd-firstboot.servicemultipathd.servicesys-kernel-config.mountsystemd-journal-flush.servicedev-hugepages.mountsystemd-udev-trigger.serviceplymouth-start.servicesystemd-repart.servicesystemd-boot-system-token.servicesystemd-journal-catalog-update.servicelocal-fs.targetboot-efi.mounthome.mountboot.mountostree-remount.servicesystemd-remount-fs.servicedev-mqueue.mountsystemd-ask-password-console.pathsystemd-pcrphase-sysinit.servicesystemd-tmpfiles-setup.serviceselinux-autorelabel-mark.servicesys-kernel-tracing.mountsystemd-udevd.servicelvm2-lvmpolld.socketsys-kernel-debug.mountldconfig.servicesystemd-sysusers.servicesystemd-binfmt.servicedracut-shutdown.servicetimers.targetmlocate-updatedb.timerlogrotate.timersystemd-tmpfiles-clean.timerdnf-makecache.timerslices.targetsystem.slice-.slicelow-memory-monitor.servicepaths.targetsockets.targetdm-event.socketsystemd-journald-dev-log.socketcups.socketiscsid.socketsssd-kcm.socketiscsiuio.socketsystemd-udevd-kernel.socketdbus.socketsystemd-initctl.socketavahi-daemon.socketmultipathd.socketsystemd-coredump.socketsystemd-udevd-control.socketsystemd-journald.socketkdump.servicefirewalld.servicetuned.servicechronyd.serviceremote-fs.targetiscsi.serviceatd.servicelibstoragemgmt.servicevmtoolsd.servicesystemd-user-sessions.serviceauditd.servicesssd.servicesmartd.serviceNetworkManager.serviceModemManager.servicesshd.servicecups.pathrhsmcertd.serviceplymouth-quit.servicepostgresql.servicegetty.targetgetty@tty1.serviceserial-getty@ttyAMA0.servicemdmonitor.servicecrond.servicesystemd-update-utmp-runlevel.serviceirqbalance.servicesystemd-ask-password-wall.pathostree-readonly-sysroot-migration.serviceplymouth-quit-wait.servicersyslog.servicecups.serviceinsights-client-boot.serviceavahi-daemon.servicesystemd-logind.service

systemd test  oval:ssg-test_multi_user_wants_rsyslog_socket:tst:1  false

Following items have been found on the system:
UnitDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependency
multi-user.targetbasic.target-.mountsysinit.targetsystemd-machine-id-commit.servicelvm2-monitor.servicesystemd-update-done.serviceveritysetup.targetplymouth-read-write.servicesystemd-pcrphase.servicesystemd-sysctl.servicesystemd-update-utmp.servicenis-domainname.servicesystemd-hwdb-update.serviceproc-sys-fs-binfmt_misc.automountcryptsetup.targetsystemd-tmpfiles-setup-dev.servicesystemd-journald.servicesystemd-modules-load.serviceswap.targetdev-mapper-rhel\x2dswap.swapkmod-static-nodes.servicesys-fs-fuse-connections.mountsystemd-random-seed.serviceintegritysetup.targetsystemd-boot-update.servicesystemd-network-generator.serviceiscsi-onboot.servicesystemd-firstboot.servicemultipathd.servicesys-kernel-config.mountsystemd-journal-flush.servicedev-hugepages.mountsystemd-udev-trigger.serviceplymouth-start.servicesystemd-repart.servicesystemd-boot-system-token.servicesystemd-journal-catalog-update.servicelocal-fs.targetboot-efi.mounthome.mountboot.mountostree-remount.servicesystemd-remount-fs.servicedev-mqueue.mountsystemd-ask-password-console.pathsystemd-pcrphase-sysinit.servicesystemd-tmpfiles-setup.serviceselinux-autorelabel-mark.servicesys-kernel-tracing.mountsystemd-udevd.servicelvm2-lvmpolld.socketsys-kernel-debug.mountldconfig.servicesystemd-sysusers.servicesystemd-binfmt.servicedracut-shutdown.servicetimers.targetmlocate-updatedb.timerlogrotate.timersystemd-tmpfiles-clean.timerdnf-makecache.timerslices.targetsystem.slice-.slicelow-memory-monitor.servicepaths.targetsockets.targetdm-event.socketsystemd-journald-dev-log.socketcups.socketiscsid.socketsssd-kcm.socketiscsiuio.socketsystemd-udevd-kernel.socketdbus.socketsystemd-initctl.socketavahi-daemon.socketmultipathd.socketsystemd-coredump.socketsystemd-udevd-control.socketsystemd-journald.socketkdump.servicefirewalld.servicetuned.servicechronyd.serviceremote-fs.targetiscsi.serviceatd.servicelibstoragemgmt.servicevmtoolsd.servicesystemd-user-sessions.serviceauditd.servicesssd.servicesmartd.serviceNetworkManager.serviceModemManager.servicesshd.servicecups.pathrhsmcertd.serviceplymouth-quit.servicepostgresql.servicegetty.targetgetty@tty1.serviceserial-getty@ttyAMA0.servicemdmonitor.servicecrond.servicesystemd-update-utmp-runlevel.serviceirqbalance.servicesystemd-ask-password-wall.pathostree-readonly-sysroot-migration.serviceplymouth-quit-wait.servicersyslog.servicecups.serviceinsights-client-boot.serviceavahi-daemon.servicesystemd-logind.service
Install firewalld Packagexccdf_org.ssgproject.content_rule_package_firewalld_installed mediumCCE-84021-5

Install firewalld Package

Rule IDxccdf_org.ssgproject.content_rule_package_firewalld_installed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_firewalld_installed:def:1
Time2024-02-25T14:39:37+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84021-5

References:  CCI-002314, CM-6(a), FMT_SMF_EXT.1, SRG-OS-000096-GPOS-00050, SRG-OS-000297-GPOS-00115, SRG-OS-000298-GPOS-00116, SRG-OS-000480-GPOS-00227, SRG-OS-000480-GPOS-00232, RHEL-09-251010, SV-257935r928954_rule

Description
The firewalld package can be installed with the following command:
    $ sudo dnf install firewalld
Rationale
"Firewalld" provides an easy and effective way to block/limit remote access to the system via ports, services, and protocols. Remote access services, such as those providing remote access to network devices and information systems, which lack automated control capabilities, increase risk and make remote user access management difficult at best. Remote access is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Red Hat Enterprise Linux 9 functionality (e.g., SSH) must be capable of taking enforcement action if the audit reveals unauthorized activity. Automated control of remote access sessions allows organizations to ensure ongoing compliance with remote access policies by enforcing connection rules of remote access applications on a variety of information system components (e.g., servers, workstations, notebook computers, smartphones, and tablets)."
OVAL test results details

package firewalld is installed  oval:ssg-test_package_firewalld_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firewalldnoarch(none)2.el9_31.2.50:1.2.5-2.el9_3199e2f91fd431d51firewalld-0:1.2.5-2.el9_3.noarch
Verify firewalld Enabledxccdf_org.ssgproject.content_rule_service_firewalld_enabled mediumCCE-90833-5

Verify firewalld Enabled

Rule IDxccdf_org.ssgproject.content_rule_service_firewalld_enabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-service_firewalld_enabled:def:1
Time2024-02-25T14:39:38+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90833-5

References:  A.8.SEC-RHEL3, 11, 3, 9, BAI10.01, BAI10.02, BAI10.03, BAI10.05, 3.1.3, 3.4.7, CCI-000366, CCI-000382, CCI-002314, 4.3.4.3.2, 4.3.4.3.3, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, CIP-003-8 R4, CIP-003-8 R5, CIP-004-6 R3, AC-4, CM-7(b), CA-3(5), SC-7(21), CM-6(a), PR.IP-1, FMT_SMF_EXT.1, SRG-OS-000096-GPOS-00050, SRG-OS-000297-GPOS-00115, SRG-OS-000480-GPOS-00227, SRG-OS-000480-GPOS-00231, SRG-OS-000480-GPOS-00232, RHEL-09-251015, 3.4.1.2, SV-257936r925795_rule

Description
The firewalld service can be enabled with the following command:
$ sudo systemctl enable firewalld.service
Rationale
Access control methods provide the ability to enhance system security posture by restricting services and known good IP addresses and address ranges. This prevents connections from unknown hosts and protocols.
OVAL test results details

package firewalld is installed  oval:ssg-test_service_firewalld_package_firewalld_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
firewalldnoarch(none)2.el9_31.2.50:1.2.5-2.el9_3199e2f91fd431d51firewalld-0:1.2.5-2.el9_3.noarch

Test that the firewalld service is running  oval:ssg-test_service_running_firewalld:tst:1  true

Following items have been found on the system:
UnitPropertyValue
firewalld.serviceActiveStateactive

systemd test  oval:ssg-test_multi_user_wants_firewalld:tst:1  true

Following items have been found on the system:
UnitDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependency
multi-user.targetbasic.target-.mountsysinit.targetsystemd-machine-id-commit.servicelvm2-monitor.servicesystemd-update-done.serviceveritysetup.targetplymouth-read-write.servicesystemd-pcrphase.servicesystemd-sysctl.servicesystemd-update-utmp.servicenis-domainname.servicesystemd-hwdb-update.serviceproc-sys-fs-binfmt_misc.automountcryptsetup.targetsystemd-tmpfiles-setup-dev.servicesystemd-journald.servicesystemd-modules-load.serviceswap.targetdev-mapper-rhel\x2dswap.swapkmod-static-nodes.servicesys-fs-fuse-connections.mountsystemd-random-seed.serviceintegritysetup.targetsystemd-boot-update.servicesystemd-network-generator.serviceiscsi-onboot.servicesystemd-firstboot.servicemultipathd.servicesys-kernel-config.mountsystemd-journal-flush.servicedev-hugepages.mountsystemd-udev-trigger.serviceplymouth-start.servicesystemd-repart.servicesystemd-boot-system-token.servicesystemd-journal-catalog-update.servicelocal-fs.targetboot-efi.mounthome.mountboot.mountostree-remount.servicesystemd-remount-fs.servicedev-mqueue.mountsystemd-ask-password-console.pathsystemd-pcrphase-sysinit.servicesystemd-tmpfiles-setup.serviceselinux-autorelabel-mark.servicesys-kernel-tracing.mountsystemd-udevd.servicelvm2-lvmpolld.socketsys-kernel-debug.mountldconfig.servicesystemd-sysusers.servicesystemd-binfmt.servicedracut-shutdown.servicetimers.targetmlocate-updatedb.timerlogrotate.timersystemd-tmpfiles-clean.timerdnf-makecache.timerslices.targetsystem.slice-.slicelow-memory-monitor.servicepaths.targetsockets.targetdm-event.socketsystemd-journald-dev-log.socketcups.socketiscsid.socketsssd-kcm.socketiscsiuio.socketsystemd-udevd-kernel.socketdbus.socketsystemd-initctl.socketavahi-daemon.socketmultipathd.socketsystemd-coredump.socketsystemd-udevd-control.socketsystemd-journald.socketkdump.servicefirewalld.servicetuned.servicechronyd.serviceremote-fs.targetiscsi.serviceatd.servicelibstoragemgmt.servicevmtoolsd.servicesystemd-user-sessions.serviceauditd.servicesssd.servicesmartd.serviceNetworkManager.serviceModemManager.servicesshd.servicecups.pathrhsmcertd.serviceplymouth-quit.servicepostgresql.servicegetty.targetgetty@tty1.serviceserial-getty@ttyAMA0.servicemdmonitor.servicecrond.servicesystemd-update-utmp-runlevel.serviceirqbalance.servicesystemd-ask-password-wall.pathostree-readonly-sysroot-migration.serviceplymouth-quit-wait.servicersyslog.servicecups.serviceinsights-client-boot.serviceavahi-daemon.servicesystemd-logind.service

systemd test  oval:ssg-test_multi_user_wants_firewalld_socket:tst:1  false

Following items have been found on the system:
UnitDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependency
multi-user.targetbasic.target-.mountsysinit.targetsystemd-machine-id-commit.servicelvm2-monitor.servicesystemd-update-done.serviceveritysetup.targetplymouth-read-write.servicesystemd-pcrphase.servicesystemd-sysctl.servicesystemd-update-utmp.servicenis-domainname.servicesystemd-hwdb-update.serviceproc-sys-fs-binfmt_misc.automountcryptsetup.targetsystemd-tmpfiles-setup-dev.servicesystemd-journald.servicesystemd-modules-load.serviceswap.targetdev-mapper-rhel\x2dswap.swapkmod-static-nodes.servicesys-fs-fuse-connections.mountsystemd-random-seed.serviceintegritysetup.targetsystemd-boot-update.servicesystemd-network-generator.serviceiscsi-onboot.servicesystemd-firstboot.servicemultipathd.servicesys-kernel-config.mountsystemd-journal-flush.servicedev-hugepages.mountsystemd-udev-trigger.serviceplymouth-start.servicesystemd-repart.servicesystemd-boot-system-token.servicesystemd-journal-catalog-update.servicelocal-fs.targetboot-efi.mounthome.mountboot.mountostree-remount.servicesystemd-remount-fs.servicedev-mqueue.mountsystemd-ask-password-console.pathsystemd-pcrphase-sysinit.servicesystemd-tmpfiles-setup.serviceselinux-autorelabel-mark.servicesys-kernel-tracing.mountsystemd-udevd.servicelvm2-lvmpolld.socketsys-kernel-debug.mountldconfig.servicesystemd-sysusers.servicesystemd-binfmt.servicedracut-shutdown.servicetimers.targetmlocate-updatedb.timerlogrotate.timersystemd-tmpfiles-clean.timerdnf-makecache.timerslices.targetsystem.slice-.slicelow-memory-monitor.servicepaths.targetsockets.targetdm-event.socketsystemd-journald-dev-log.socketcups.socketiscsid.socketsssd-kcm.socketiscsiuio.socketsystemd-udevd-kernel.socketdbus.socketsystemd-initctl.socketavahi-daemon.socketmultipathd.socketsystemd-coredump.socketsystemd-udevd-control.socketsystemd-journald.socketkdump.servicefirewalld.servicetuned.servicechronyd.serviceremote-fs.targetiscsi.serviceatd.servicelibstoragemgmt.servicevmtoolsd.servicesystemd-user-sessions.serviceauditd.servicesssd.servicesmartd.serviceNetworkManager.serviceModemManager.servicesshd.servicecups.pathrhsmcertd.serviceplymouth-quit.servicepostgresql.servicegetty.targetgetty@tty1.serviceserial-getty@ttyAMA0.servicemdmonitor.servicecrond.servicesystemd-update-utmp-runlevel.serviceirqbalance.servicesystemd-ask-password-wall.pathostree-readonly-sysroot-migration.serviceplymouth-quit-wait.servicersyslog.servicecups.serviceinsights-client-boot.serviceavahi-daemon.servicesystemd-logind.service
Ensure System is Not Acting as a Network Snifferxccdf_org.ssgproject.content_rule_network_sniffer_disabled mediumCCE-83996-9

Ensure System is Not Acting as a Network Sniffer

Rule IDxccdf_org.ssgproject.content_rule_network_sniffer_disabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-network_sniffer_disabled:def:1
Time2024-02-25T14:39:37+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83996-9

References:  1, 11, 14, 3, 9, APO11.06, APO12.06, BAI03.10, BAI09.01, BAI09.02, BAI09.03, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.05, DSS04.05, DSS05.02, DSS05.05, DSS06.06, CCI-000366, 4.2.3.4, 4.3.3.3.7, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, 4.4.3.4, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 7.6, SR 7.8, A.11.1.2, A.11.2.4, A.11.2.5, A.11.2.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.16.1.6, A.8.1.1, A.8.1.2, A.9.1.2, CM-7(a), CM-7(b), CM-6(a), CM-7(2), MA-3, DE.DP-5, ID.AM-1, PR.IP-1, PR.MA-1, PR.PT-3, SRG-OS-000480-GPOS-00227, RHEL-09-251040, SV-257941r925810_rule

Description
The system should not be acting as a network sniffer, which can capture all traffic on the network to which it is connected. Run the following to determine if any interface is running in promiscuous mode:
$ ip link | grep PROMISC
Promiscuous mode of an interface can be disabled with the following command:
$ sudo ip link set dev device_name multicast off promisc off
Rationale
Network interfaces in promiscuous mode allow for the capture of all network traffic visible to the system. If unauthorized individuals can access these applications, it may allow them to collect information such as logon IDs, passwords, and key exchanges between systems.

If the system is being used to perform a network troubleshooting function, the use of these tools must be documented with the Information Systems Security Manager (ISSM) and restricted to only authorized personnel.
OVAL test results details

check all network interfaces for PROMISC flag  oval:ssg-test_promisc_interfaces:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_promisc_interfaces:obj:1 of type interface_object
NameFilter
^.*$oval:ssg-state_promisc:ste:1
Verify that System Executables Have Root Ownershipxccdf_org.ssgproject.content_rule_file_ownership_binary_dirs mediumCCE-83908-4

Verify that System Executables Have Root Ownership

Rule IDxccdf_org.ssgproject.content_rule_file_ownership_binary_dirs
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-file_ownership_binary_dirs:def:1
Time2024-02-25T14:40:01+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83908-4

References:  12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, CCI-001499, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-5(6), CM-5(6).1, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, SRG-OS-000259-GPOS-00100, RHEL-09-232190, SV-257918r925741_rule

Description
System executables are stored in the following directories by default:
/bin
    /sbin
    /usr/bin
    /usr/libexec
    /usr/local/bin
    /usr/local/sbin
    /usr/sbin
All files in these directories should be owned by the root user. If any file FILE in these directories is found to be owned by a user other than root, correct its ownership with the following command:
$ sudo chown root FILE
Rationale
System binaries are executed by privileged users as well as system services, and restrictive permissions are necessary to ensure that their execution of these programs cannot be co-opted.
OVAL test results details

binary directories uid root  oval:ssg-test_ownership_binary_directories:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_ownership_binary_directories:obj:1 of type file_object
PathFilenameFilter
^\/(|s)bin|^\/usr\/(|local\/)(|s)bin|^\/usr\/libexecno valueoval:ssg-state_owner_binaries_not_root:ste:1

binary files uid root  oval:ssg-test_ownership_binary_files:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_ownership_binary_files:obj:1 of type file_object
PathFilenameFilter
^\/(|s)bin|^\/usr\/(|local\/)(|s)bin|^\/usr\/libexec^.*$oval:ssg-state_owner_binaries_not_root:ste:1
Verify that Shared Library Files Have Root Ownershipxccdf_org.ssgproject.content_rule_file_ownership_library_dirs mediumCCE-83907-6

Verify that Shared Library Files Have Root Ownership

Rule IDxccdf_org.ssgproject.content_rule_file_ownership_library_dirs
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-file_ownership_library_dirs:def:1
Time2024-02-25T14:40:02+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83907-6

References:  12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, CCI-001499, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-5(6), CM-5(6).1, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, SRG-OS-000259-GPOS-00100, RHEL-09-232200, SV-257920r925747_rule

Description
System-wide shared library files, which are linked to executables during process load time or run time, are stored in the following directories by default:
/lib
    /lib64
    /usr/lib
    /usr/lib64
    
Kernel modules, which can be added to the kernel during runtime, are also stored in /lib/modules. All files in these directories should be owned by the root user. If the directory, or any file in these directories, is found to be owned by a user other than root correct its ownership with the following command:
$ sudo chown root FILE
Rationale
Files from shared library directories are loaded into the address space of processes (including privileged ones) or of the kernel itself at runtime. Proper ownership is necessary to protect the integrity of the system.
OVAL test results details

Testing user ownership of /lib/  oval:ssg-test_file_ownership_library_dirs_0:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_ownership_library_dirs_0:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/lib^.*$oval:ssg-symlink_file_ownership_library_dirs_uid_0:ste:1oval:ssg-state_file_ownership_library_dirs_uid_0_0:ste:1

Testing user ownership of /lib64/  oval:ssg-test_file_ownership_library_dirs_1:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_ownership_library_dirs_1:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/lib64^.*$oval:ssg-symlink_file_ownership_library_dirs_uid_0:ste:1oval:ssg-state_file_ownership_library_dirs_uid_0_1:ste:1

Testing user ownership of /usr/lib/  oval:ssg-test_file_ownership_library_dirs_2:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_ownership_library_dirs_2:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/usr/lib^.*$oval:ssg-symlink_file_ownership_library_dirs_uid_0:ste:1oval:ssg-state_file_ownership_library_dirs_uid_0_2:ste:1

Testing user ownership of /usr/lib64/  oval:ssg-test_file_ownership_library_dirs_3:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_ownership_library_dirs_3:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/usr/lib64^.*$oval:ssg-symlink_file_ownership_library_dirs_uid_0:ste:1oval:ssg-state_file_ownership_library_dirs_uid_0_3:ste:1
Verify that System Executables Have Restrictive Permissionsxccdf_org.ssgproject.content_rule_file_permissions_binary_dirs mediumCCE-83911-8

Verify that System Executables Have Restrictive Permissions

Rule IDxccdf_org.ssgproject.content_rule_file_permissions_binary_dirs
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-file_permissions_binary_dirs:def:1
Time2024-02-25T14:40:02+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83911-8

References:  12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, CCI-001499, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-5(6), CM-5(6).1, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, SRG-OS-000259-GPOS-00100, RHEL-09-232010, SV-257882r925633_rule

Description
System executables are stored in the following directories by default:
/bin
    /sbin
    /usr/bin
    /usr/libexec
    /usr/local/bin
    /usr/local/sbin
    /usr/sbin
All files in these directories should not be group-writable or world-writable. If any file FILE in these directories is found to be group-writable or world-writable, correct its permission with the following command:
$ sudo chmod go-w FILE
Rationale
System binaries are executed by privileged users, as well as system services, and restrictive permissions are necessary to ensure execution of these programs cannot be co-opted.
OVAL test results details

binary files go-w  oval:ssg-test_perms_binary_files:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_permissions_binary_files:obj:1 of type file_object
PathFilenameFilterFilter
^\/(|s)bin|^\/usr\/(|local\/)(|s)bin|^\/usr\/libexec^.*$oval:ssg-state_perms_binary_files_nogroupwrite_noworldwrite:ste:1oval:ssg-state_perms_binary_files_symlink:ste:1
Verify that Shared Library Files Have Restrictive Permissionsxccdf_org.ssgproject.content_rule_file_permissions_library_dirs mediumCCE-83909-2

Verify that Shared Library Files Have Restrictive Permissions

Rule IDxccdf_org.ssgproject.content_rule_file_permissions_library_dirs
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-file_permissions_library_dirs:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83909-2

References:  12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, CCI-001499, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-6(a), CM-5(6), CM-5(6).1, AC-6(1), PR.AC-4, PR.DS-5, SRG-OS-000259-GPOS-00100, RHEL-09-232020, SV-257884r925639_rule

Description
System-wide shared library files, which are linked to executables during process load time or run time, are stored in the following directories by default:
/lib
    /lib64
    /usr/lib
    /usr/lib64
    
Kernel modules, which can be added to the kernel during runtime, are stored in /lib/modules. All files in these directories should not be group-writable or world-writable. If any file in these directories is found to be group-writable or world-writable, correct its permission with the following command:
$ sudo chmod go-w FILE
Rationale
Files from shared library directories are loaded into the address space of processes (including privileged ones) or of the kernel itself at runtime. Restrictive permissions are necessary to protect the integrity of the system.
OVAL test results details

Testing mode of /lib/  oval:ssg-test_file_permissions_library_dirs_0:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_permissions_library_dirs_0:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/lib^.*$oval:ssg-exclude_symlinks__library_dirs:ste:1oval:ssg-state_file_permissions_library_dirs_0_mode_7755or_stricter_:ste:1

Testing mode of /lib64/  oval:ssg-test_file_permissions_library_dirs_1:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_permissions_library_dirs_1:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/lib64^.*$oval:ssg-exclude_symlinks__library_dirs:ste:1oval:ssg-state_file_permissions_library_dirs_1_mode_7755or_stricter_:ste:1

Testing mode of /usr/lib/  oval:ssg-test_file_permissions_library_dirs_2:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_permissions_library_dirs_2:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/usr/lib^.*$oval:ssg-exclude_symlinks__library_dirs:ste:1oval:ssg-state_file_permissions_library_dirs_2_mode_7755or_stricter_:ste:1

Testing mode of /usr/lib64/  oval:ssg-test_file_permissions_library_dirs_3:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_permissions_library_dirs_3:obj:1 of type file_object
BehaviorsPathFilenameFilterFilter
no value/usr/lib64^.*$oval:ssg-exclude_symlinks__library_dirs:ste:1oval:ssg-state_file_permissions_library_dirs_3_mode_7755or_stricter_:ste:1
Verify that All World-Writable Directories Have Sticky Bits Setxccdf_org.ssgproject.content_rule_dir_perms_world_writable_sticky_bits mediumCCE-83895-3

Verify that All World-Writable Directories Have Sticky Bits Set

Rule IDxccdf_org.ssgproject.content_rule_dir_perms_world_writable_sticky_bits
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-dir_perms_world_writable_sticky_bits:def:1
Time2024-02-25T14:39:39+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83895-3

References:  BP28(R40), 12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, CCI-001090, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, SRG-OS-000138-GPOS-00069, RHEL-09-232245, 6.1.12, SV-257929r925774_rule

Description
When the so-called 'sticky bit' is set on a directory, only the owner of a given file may remove that file from the directory. Without the sticky bit, any user with write access to a directory may remove any file in the directory. Setting the sticky bit prevents users from removing each other's files. In cases where there is no reason for a directory to be world-writable, a better solution is to remove that permission rather than to set the sticky bit. However, if a directory is used by a particular application, consult that application's documentation instead of blindly changing modes.
To set the sticky bit on a world-writable directory DIR, run the following command:
$ sudo chmod +t DIR
Rationale
Failing to set the sticky bit on public directories allows unauthorized users to delete files in the directory structure.

The only authorized public directories are those temporary directories supplied with the system, or those designed to be temporary file repositories. The setting is normally reserved for directories used by the system, by users for temporary file storage (such as /tmp), and for directories requiring global read/write access.
OVAL test results details

all local world-writable directories have sticky bit set  oval:ssg-test_dir_perms_world_writable_sticky_bits:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_only_local_directories:obj:1 of type file_object
BehaviorsPathFilenameFilter
no value/no valueoval:ssg-state_world_writable_and_not_sticky:ste:1
Ensure All SGID Executables Are Authorizedxccdf_org.ssgproject.content_rule_file_permissions_unauthorized_sgid mediumCCE-83901-9

Ensure All SGID Executables Are Authorized

Rule IDxccdf_org.ssgproject.content_rule_file_permissions_unauthorized_sgid
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-file_permissions_unauthorized_sgid:def:1
Time2024-02-25T14:39:47+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83901-9

References:  BP28(R37), BP28(R38), 12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, 6.1.14

Description
The SGID (set group id) bit should be set only on files that were installed via authorized means. A straightforward means of identifying unauthorized SGID files is determine if any were not installed as part of an RPM package, which is cryptographically verified. Investigate the origin of any unpackaged SGID files. This configuration check considers authorized SGID files which were installed via RPM. It is assumed that when an individual has sudo access to install an RPM and all packages are signed with an organizationally-recognized GPG key, the software should be considered an approved package on the system. Any SGID file not deployed through an RPM will be flagged for further review.
Rationale
Executable files with the SGID permission run with the privileges of the owner of the file. SGID files of uncertain provenance could allow for unprivileged users to elevate privileges. The presence of these files should be strictly controlled on the system.
OVAL test results details

sgid files outside system RPMs  oval:ssg-test_file_permissions_unauthorized_sgid:tst:1  false

Following items have been found on the system:
PathTypeUIDGIDSize (B)Permissions
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/libexec/utempter/utempterregular100116555770104rwx--s--x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/libexec/utempter/utempterregular16553616555870104rwx--s--x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/writeregular100116554070080rwxr-sr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/writeregular16553616554170080rwxr-sr-x 
Ensure All SUID Executables Are Authorizedxccdf_org.ssgproject.content_rule_file_permissions_unauthorized_suid mediumCCE-83897-9

Ensure All SUID Executables Are Authorized

Rule IDxccdf_org.ssgproject.content_rule_file_permissions_unauthorized_suid
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-file_permissions_unauthorized_suid:def:1
Time2024-02-25T14:39:56+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83897-9

References:  BP28(R37), BP28(R38), 12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, 6.1.13

Description
The SUID (set user id) bit should be set only on files that were installed via authorized means. A straightforward means of identifying unauthorized SUID files is determine if any were not installed as part of an RPM package, which is cryptographically verified. Investigate the origin of any unpackaged SUID files. This configuration check considers authorized SUID files which were installed via RPM. It is assumed that when an individual has sudo access to install an RPM and all packages are signed with an organizationally-recognized GPG key, the software should be considered an approved package on the system. Any SUID file not deployed through an RPM will be flagged for further review.
Rationale
Executable files with the SUID permission run with the privileges of the owner of the file. SUID files of uncertain provenance could allow for unprivileged users to elevate privileges. The presence of these files should be strictly controlled on the system.
OVAL test results details

suid files outside system RPMs  oval:ssg-test_file_permissions_unauthorized_suid:tst:1  false

Following items have been found on the system:
PathTypeUIDGIDSize (B)Permissions
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/chageregular10011001140648rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/gpasswdregular10011001141224rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/newgrpregular1001100171976rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/mountregular1001100170672rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/sbin/pam_timestamp_checkregular16553616553669312rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/passwdregular16553616553670088rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/sbin/unix_chkpwdregular16553616553670296rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/sbin/unix_chkpwdregular1001100170296rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/sbin/pam_timestamp_checkregular1001100169312rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/chageregular165536165536140648rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/sbin/userhelperregular1001100170248rws--x--x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/passwdregular1001100170088rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/suregular1001100170440rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/libexec/dbus-1/dbus-daemon-launch-helperregular100116561671552rwsr-x--- 
/home/rippa/.local/share/containers/storage/overlay/686ccc85c44e0ab2266422e28098ab35953fbcefed6915e3d6bd797446d60f49/diff/usr/bin/umountregular1001100170248rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/sbin/userhelperregular16553616553670248rws--x--x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/libexec/dbus-1/dbus-daemon-launch-helperregular16553616561671552rwsr-x--- 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/gpasswdregular165536165536141224rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/newgrpregular16553616553671976rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/mountregular16553616553670672rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/suregular16553616553670440rwsr-xr-x 
/home/rippa/.local/share/containers/storage/overlay/08d744f1488ae343e75a1acd5b86d4812e1a352b9764aff30a31b0bad6b8970e/diff1/usr/bin/umountregular16553616553670248rwsr-xr-x 
Ensure No World-Writable Files Existxccdf_org.ssgproject.content_rule_file_permissions_unauthorized_world_writable mediumCCE-83902-7

Ensure No World-Writable Files Exist

Rule IDxccdf_org.ssgproject.content_rule_file_permissions_unauthorized_world_writable
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-file_permissions_unauthorized_world_writable:def:1
Time2024-02-25T14:40:01+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83902-7

References:  BP28(R40), 12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-6(a), AC-6(1), PR.AC-4, PR.DS-5, 2.2.6, 6.1.9

Description
It is generally a good idea to remove global (other) write access to a file when it is discovered. However, check with documentation for specific applications before making changes. Also, monitor for recurring world-writable files, as these may be symptoms of a misconfigured application or user account. Finally, this applies to real files and not virtual files that are a part of pseudo file systems such as sysfs or procfs.
Rationale
Data in world-writable files can be modified by any user on the system. In almost all circumstances, files can be configured using a combination of user and group permissions to support whatever legitimate access is needed without the risk caused by world-writable files.
OVAL test results details

world writable files  oval:ssg-test_file_permissions_unauthorized_world_write:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_file_permissions_unauthorized_world_write:obj:1 of type file_object
BehaviorsPathFilenameFilterFilterFilterFilter
no value/^.*$oval:ssg-state_file_permissions_unauthorized_world_write:ste:1oval:ssg-state_file_permissions_unauthorized_world_write_exclude_special_selinux_files:ste:1oval:ssg-state_file_permissions_unauthorized_world_write_exclude_proc:ste:1oval:ssg-state_file_permissions_unauthorized_world_write_exclude_sys:ste:1
Add nodev Option to /dev/shmxccdf_org.ssgproject.content_rule_mount_option_dev_shm_nodev mediumCCE-83881-3

Add nodev Option to /dev/shm

Rule IDxccdf_org.ssgproject.content_rule_mount_option_dev_shm_nodev
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-mount_option_dev_shm_nodev:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83881-3

References:  11, 13, 14, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.02, DSS05.05, DSS05.06, DSS06.06, CCI-001764, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 7.6, A.11.2.9, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.8.2.1, A.8.2.2, A.8.2.3, A.8.3.1, A.8.3.3, A.9.1.2, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-7(a), CM-7(b), CM-6(a), AC-6, AC-6(1), MP-7, PR.IP-1, PR.PT-2, PR.PT-3, SRG-OS-000368-GPOS-00154, RHEL-09-231110, 1.1.8.2, SV-257863r925576_rule

Description
The nodev mount option can be used to prevent creation of device files in /dev/shm. Legitimate character and block devices should not exist within temporary directories like /dev/shm. Add the nodev option to the fourth column of /etc/fstab for the line which controls mounting of /dev/shm.
Rationale
The only legitimate location for device files is the /dev directory located on the root partition. The only exception to this is chroot jails.

Reboot:false
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    function perform_remediation {
        
    
    
        mount_point_match_regexp="$(printf "[^#].*[[:space:]]%s[[:space:]]" /dev/shm)"
    
        # If the mount point is not in /etc/fstab, get previous mount options from /etc/mtab
        if ! grep "$mount_point_match_regexp" /etc/fstab; then
            # runtime opts without some automatic kernel/userspace-added defaults
            previous_mount_opts=$(grep "$mount_point_match_regexp" /etc/mtab | head -1 |  awk '{print $4}' \
                        | sed -E "s/(rw|defaults|seclabel|nodev)(,|$)//g;s/,$//")
            [ "$previous_mount_opts" ] && previous_mount_opts+=","
            # In iso9660 filesystems mtab could describe a "blocksize" value, this should be reflected in
            # fstab as "block".  The next variable is to satisfy shellcheck SC2050.
            fs_type="tmpfs"
            if [  "$fs_type" == "iso9660" ] ; then
                previous_mount_opts=$(sed 's/blocksize=/block=/' <<< "$previous_mount_opts")
            fi
            echo "tmpfs /dev/shm tmpfs defaults,${previous_mount_opts}nodev 0 0" >> /etc/fstab
        # If the mount_opt option is not already in the mount point's /etc/fstab entry, add it
        elif ! grep "$mount_point_match_regexp" /etc/fstab | grep "nodev"; then
            previous_mount_opts=$(grep "$mount_point_match_regexp" /etc/fstab | awk '{print $4}')
            sed -i "s|\(${mount_point_match_regexp}.*${previous_mount_opts}\)|\1,nodev|" /etc/fstab
        fi
    
    
        if mkdir -p "/dev/shm"; then
            if mountpoint -q "/dev/shm"; then
                mount -o remount --target "/dev/shm"
            fi
        fi
    }
    
    perform_remediation
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:high
Reboot:false
Strategy:configure
- name: 'Add nodev Option to /dev/shm: Check information associated to mountpoint'
      command: findmnt  '/dev/shm'
      register: device_name
      failed_when: device_name.rc > 1
      changed_when: false
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83881-3
      - DISA-STIG-RHEL-09-231110
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nodev
      - no_reboot_needed
    
    - name: 'Add nodev Option to /dev/shm: Create mount_info dictionary variable'
      set_fact:
        mount_info: '{{ mount_info|default({})|combine({item.0: item.1}) }}'
      with_together:
      - '{{ device_name.stdout_lines[0].split() | list | lower }}'
      - '{{ device_name.stdout_lines[1].split() | list }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - device_name.stdout is defined and device_name.stdout_lines is defined
      - (device_name.stdout | length > 0)
      tags:
      - CCE-83881-3
      - DISA-STIG-RHEL-09-231110
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nodev
      - no_reboot_needed
    
    - name: 'Add nodev Option to /dev/shm: If /dev/shm not mounted, craft mount_info manually'
      set_fact:
        mount_info: '{{ mount_info|default({})|combine({item.0: item.1}) }}'
      with_together:
      - - target
        - source
        - fstype
        - options
      - - /dev/shm
        - tmpfs
        - tmpfs
        - defaults
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ("" | length == 0)
      - (device_name.stdout | length == 0)
      tags:
      - CCE-83881-3
      - DISA-STIG-RHEL-09-231110
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nodev
      - no_reboot_needed
    
    - name: 'Add nodev Option to /dev/shm: Make sure nodev option is part of the to /dev/shm
        options'
      set_fact:
        mount_info: '{{ mount_info | combine( {''options'':''''~mount_info.options~'',nodev''
          }) }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - mount_info is defined and "nodev" not in mount_info.options
      tags:
      - CCE-83881-3
      - DISA-STIG-RHEL-09-231110
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nodev
      - no_reboot_needed
    
    - name: 'Add nodev Option to /dev/shm: Ensure /dev/shm is mounted with nodev option'
      mount:
        path: /dev/shm
        src: '{{ mount_info.source }}'
        opts: '{{ mount_info.options }}'
        state: mounted
        fstype: '{{ mount_info.fstype }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - (device_name.stdout is defined and (device_name.stdout | length > 0)) or ("" |
        length == 0)
      tags:
      - CCE-83881-3
      - DISA-STIG-RHEL-09-231110
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nodev
      - no_reboot_needed
    
OVAL test results details

nodev on /dev/shm   oval:ssg-test_dev_shm_partition_nodev_expected:tst:1  true

Following items have been found on the system:
Mount pointDeviceUuidFs typeMount optionsMount optionsMount optionsMount optionsMount optionsTotal spaceSpace usedSpace left
/dev/shmtmpfstmpfsrwseclabelnosuidnodevinode64458976288458688

/dev/shm exists  oval:ssg-test_dev_shm_partition_nodev_expected_exist:tst:1  true

Following items have been found on the system:
Mount pointDeviceUuidFs typeMount optionsMount optionsMount optionsMount optionsMount optionsTotal spaceSpace usedSpace left
/dev/shmtmpfstmpfsrwseclabelnosuidnodevinode64458976288458688

nodev on /dev/shm in /etc/fstab  oval:ssg-test_dev_shm_partition_nodev_expected_in_fstab:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_dev_shm_partition_nodev_expected_in_fstab:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/fstab^[\s]*(?!#)[\S]+[\s]+/dev/shm[\s]+[\S]+[\s]+([\S]+)1
Add noexec Option to /dev/shmxccdf_org.ssgproject.content_rule_mount_option_dev_shm_noexec mediumCCE-83857-3

Add noexec Option to /dev/shm

Rule IDxccdf_org.ssgproject.content_rule_mount_option_dev_shm_noexec
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-mount_option_dev_shm_noexec:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83857-3

References:  11, 13, 14, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.02, DSS05.05, DSS05.06, DSS06.06, CCI-001764, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 7.6, A.11.2.9, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.8.2.1, A.8.2.2, A.8.2.3, A.8.3.1, A.8.3.3, A.9.1.2, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-7(a), CM-7(b), CM-6(a), AC-6, AC-6(1), MP-7, PR.IP-1, PR.PT-2, PR.PT-3, SRG-OS-000368-GPOS-00154, RHEL-09-231115, 1.1.8.3, SV-257864r925579_rule

Description
The noexec mount option can be used to prevent binaries from being executed out of /dev/shm. It can be dangerous to allow the execution of binaries from world-writable temporary storage directories such as /dev/shm. Add the noexec option to the fourth column of /etc/fstab for the line which controls mounting of /dev/shm.
Rationale
Allowing users to execute binaries from world-writable directories such as /dev/shm can expose the system to potential compromise.

Reboot:false
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    function perform_remediation {
        
    
    
        mount_point_match_regexp="$(printf "[^#].*[[:space:]]%s[[:space:]]" /dev/shm)"
    
        # If the mount point is not in /etc/fstab, get previous mount options from /etc/mtab
        if ! grep "$mount_point_match_regexp" /etc/fstab; then
            # runtime opts without some automatic kernel/userspace-added defaults
            previous_mount_opts=$(grep "$mount_point_match_regexp" /etc/mtab | head -1 |  awk '{print $4}' \
                        | sed -E "s/(rw|defaults|seclabel|noexec)(,|$)//g;s/,$//")
            [ "$previous_mount_opts" ] && previous_mount_opts+=","
            # In iso9660 filesystems mtab could describe a "blocksize" value, this should be reflected in
            # fstab as "block".  The next variable is to satisfy shellcheck SC2050.
            fs_type="tmpfs"
            if [  "$fs_type" == "iso9660" ] ; then
                previous_mount_opts=$(sed 's/blocksize=/block=/' <<< "$previous_mount_opts")
            fi
            echo "tmpfs /dev/shm tmpfs defaults,${previous_mount_opts}noexec 0 0" >> /etc/fstab
        # If the mount_opt option is not already in the mount point's /etc/fstab entry, add it
        elif ! grep "$mount_point_match_regexp" /etc/fstab | grep "noexec"; then
            previous_mount_opts=$(grep "$mount_point_match_regexp" /etc/fstab | awk '{print $4}')
            sed -i "s|\(${mount_point_match_regexp}.*${previous_mount_opts}\)|\1,noexec|" /etc/fstab
        fi
    
    
        if mkdir -p "/dev/shm"; then
            if mountpoint -q "/dev/shm"; then
                mount -o remount --target "/dev/shm"
            fi
        fi
    }
    
    perform_remediation
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:high
Reboot:false
Strategy:configure
- name: 'Add noexec Option to /dev/shm: Check information associated to mountpoint'
      command: findmnt  '/dev/shm'
      register: device_name
      failed_when: device_name.rc > 1
      changed_when: false
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83857-3
      - DISA-STIG-RHEL-09-231115
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_noexec
      - no_reboot_needed
    
    - name: 'Add noexec Option to /dev/shm: Create mount_info dictionary variable'
      set_fact:
        mount_info: '{{ mount_info|default({})|combine({item.0: item.1}) }}'
      with_together:
      - '{{ device_name.stdout_lines[0].split() | list | lower }}'
      - '{{ device_name.stdout_lines[1].split() | list }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - device_name.stdout is defined and device_name.stdout_lines is defined
      - (device_name.stdout | length > 0)
      tags:
      - CCE-83857-3
      - DISA-STIG-RHEL-09-231115
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_noexec
      - no_reboot_needed
    
    - name: 'Add noexec Option to /dev/shm: If /dev/shm not mounted, craft mount_info
        manually'
      set_fact:
        mount_info: '{{ mount_info|default({})|combine({item.0: item.1}) }}'
      with_together:
      - - target
        - source
        - fstype
        - options
      - - /dev/shm
        - tmpfs
        - tmpfs
        - defaults
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ("" | length == 0)
      - (device_name.stdout | length == 0)
      tags:
      - CCE-83857-3
      - DISA-STIG-RHEL-09-231115
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_noexec
      - no_reboot_needed
    
    - name: 'Add noexec Option to /dev/shm: Make sure noexec option is part of the to
        /dev/shm options'
      set_fact:
        mount_info: '{{ mount_info | combine( {''options'':''''~mount_info.options~'',noexec''
          }) }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - mount_info is defined and "noexec" not in mount_info.options
      tags:
      - CCE-83857-3
      - DISA-STIG-RHEL-09-231115
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_noexec
      - no_reboot_needed
    
    - name: 'Add noexec Option to /dev/shm: Ensure /dev/shm is mounted with noexec option'
      mount:
        path: /dev/shm
        src: '{{ mount_info.source }}'
        opts: '{{ mount_info.options }}'
        state: mounted
        fstype: '{{ mount_info.fstype }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - (device_name.stdout is defined and (device_name.stdout | length > 0)) or ("" |
        length == 0)
      tags:
      - CCE-83857-3
      - DISA-STIG-RHEL-09-231115
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_noexec
      - no_reboot_needed
    
OVAL test results details

noexec on /dev/shm   oval:ssg-test_dev_shm_partition_noexec_expected:tst:1  false

Following items have been found on the system:
Mount pointDeviceUuidFs typeMount optionsMount optionsMount optionsMount optionsMount optionsTotal spaceSpace usedSpace left
/dev/shmtmpfstmpfsrwseclabelnosuidnodevinode64458976288458688

/dev/shm exists  oval:ssg-test_dev_shm_partition_noexec_expected_exist:tst:1  true

Following items have been found on the system:
Mount pointDeviceUuidFs typeMount optionsMount optionsMount optionsMount optionsMount optionsTotal spaceSpace usedSpace left
/dev/shmtmpfstmpfsrwseclabelnosuidnodevinode64458976288458688

noexec on /dev/shm in /etc/fstab  oval:ssg-test_dev_shm_partition_noexec_expected_in_fstab:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_dev_shm_partition_noexec_expected_in_fstab:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/fstab^[\s]*(?!#)[\S]+[\s]+/dev/shm[\s]+[\S]+[\s]+([\S]+)1
Add nosuid Option to /dev/shmxccdf_org.ssgproject.content_rule_mount_option_dev_shm_nosuid mediumCCE-83891-2

Add nosuid Option to /dev/shm

Rule IDxccdf_org.ssgproject.content_rule_mount_option_dev_shm_nosuid
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-mount_option_dev_shm_nosuid:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83891-2

References:  11, 13, 14, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.02, DSS05.05, DSS05.06, DSS06.06, CCI-001764, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 7.6, A.11.2.9, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.8.2.1, A.8.2.2, A.8.2.3, A.8.3.1, A.8.3.3, A.9.1.2, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, CM-7(a), CM-7(b), CM-6(a), AC-6, AC-6(1), MP-7, PR.IP-1, PR.PT-2, PR.PT-3, SRG-OS-000368-GPOS-00154, RHEL-09-231120, 1.1.8.4, SV-257865r925582_rule

Description
The nosuid mount option can be used to prevent execution of setuid programs in /dev/shm. The SUID and SGID permissions should not be required in these world-writable directories. Add the nosuid option to the fourth column of /etc/fstab for the line which controls mounting of /dev/shm.
Rationale
The presence of SUID and SGID executables should be tightly controlled. Users should not be able to execute SUID or SGID binaries from temporary storage partitions.

Reboot:false
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    function perform_remediation {
        
    
    
        mount_point_match_regexp="$(printf "[^#].*[[:space:]]%s[[:space:]]" /dev/shm)"
    
        # If the mount point is not in /etc/fstab, get previous mount options from /etc/mtab
        if ! grep "$mount_point_match_regexp" /etc/fstab; then
            # runtime opts without some automatic kernel/userspace-added defaults
            previous_mount_opts=$(grep "$mount_point_match_regexp" /etc/mtab | head -1 |  awk '{print $4}' \
                        | sed -E "s/(rw|defaults|seclabel|nosuid)(,|$)//g;s/,$//")
            [ "$previous_mount_opts" ] && previous_mount_opts+=","
            # In iso9660 filesystems mtab could describe a "blocksize" value, this should be reflected in
            # fstab as "block".  The next variable is to satisfy shellcheck SC2050.
            fs_type="tmpfs"
            if [  "$fs_type" == "iso9660" ] ; then
                previous_mount_opts=$(sed 's/blocksize=/block=/' <<< "$previous_mount_opts")
            fi
            echo "tmpfs /dev/shm tmpfs defaults,${previous_mount_opts}nosuid 0 0" >> /etc/fstab
        # If the mount_opt option is not already in the mount point's /etc/fstab entry, add it
        elif ! grep "$mount_point_match_regexp" /etc/fstab | grep "nosuid"; then
            previous_mount_opts=$(grep "$mount_point_match_regexp" /etc/fstab | awk '{print $4}')
            sed -i "s|\(${mount_point_match_regexp}.*${previous_mount_opts}\)|\1,nosuid|" /etc/fstab
        fi
    
    
        if mkdir -p "/dev/shm"; then
            if mountpoint -q "/dev/shm"; then
                mount -o remount --target "/dev/shm"
            fi
        fi
    }
    
    perform_remediation
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:high
Reboot:false
Strategy:configure
- name: 'Add nosuid Option to /dev/shm: Check information associated to mountpoint'
      command: findmnt  '/dev/shm'
      register: device_name
      failed_when: device_name.rc > 1
      changed_when: false
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83891-2
      - DISA-STIG-RHEL-09-231120
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nosuid
      - no_reboot_needed
    
    - name: 'Add nosuid Option to /dev/shm: Create mount_info dictionary variable'
      set_fact:
        mount_info: '{{ mount_info|default({})|combine({item.0: item.1}) }}'
      with_together:
      - '{{ device_name.stdout_lines[0].split() | list | lower }}'
      - '{{ device_name.stdout_lines[1].split() | list }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - device_name.stdout is defined and device_name.stdout_lines is defined
      - (device_name.stdout | length > 0)
      tags:
      - CCE-83891-2
      - DISA-STIG-RHEL-09-231120
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nosuid
      - no_reboot_needed
    
    - name: 'Add nosuid Option to /dev/shm: If /dev/shm not mounted, craft mount_info
        manually'
      set_fact:
        mount_info: '{{ mount_info|default({})|combine({item.0: item.1}) }}'
      with_together:
      - - target
        - source
        - fstype
        - options
      - - /dev/shm
        - tmpfs
        - tmpfs
        - defaults
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - ("" | length == 0)
      - (device_name.stdout | length == 0)
      tags:
      - CCE-83891-2
      - DISA-STIG-RHEL-09-231120
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nosuid
      - no_reboot_needed
    
    - name: 'Add nosuid Option to /dev/shm: Make sure nosuid option is part of the to
        /dev/shm options'
      set_fact:
        mount_info: '{{ mount_info | combine( {''options'':''''~mount_info.options~'',nosuid''
          }) }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - mount_info is defined and "nosuid" not in mount_info.options
      tags:
      - CCE-83891-2
      - DISA-STIG-RHEL-09-231120
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nosuid
      - no_reboot_needed
    
    - name: 'Add nosuid Option to /dev/shm: Ensure /dev/shm is mounted with nosuid option'
      mount:
        path: /dev/shm
        src: '{{ mount_info.source }}'
        opts: '{{ mount_info.options }}'
        state: mounted
        fstype: '{{ mount_info.fstype }}'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - (device_name.stdout is defined and (device_name.stdout | length > 0)) or ("" |
        length == 0)
      tags:
      - CCE-83891-2
      - DISA-STIG-RHEL-09-231120
      - NIST-800-53-AC-6
      - NIST-800-53-AC-6(1)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - NIST-800-53-MP-7
      - configure_strategy
      - high_disruption
      - low_complexity
      - medium_severity
      - mount_option_dev_shm_nosuid
      - no_reboot_needed
    
OVAL test results details

nosuid on /dev/shm   oval:ssg-test_dev_shm_partition_nosuid_expected:tst:1  true

Following items have been found on the system:
Mount pointDeviceUuidFs typeMount optionsMount optionsMount optionsMount optionsMount optionsTotal spaceSpace usedSpace left
/dev/shmtmpfstmpfsrwseclabelnosuidnodevinode64458976288458688

/dev/shm exists  oval:ssg-test_dev_shm_partition_nosuid_expected_exist:tst:1  true

Following items have been found on the system:
Mount pointDeviceUuidFs typeMount optionsMount optionsMount optionsMount optionsMount optionsTotal spaceSpace usedSpace left
/dev/shmtmpfstmpfsrwseclabelnosuidnodevinode64458976288458688

nosuid on /dev/shm in /etc/fstab  oval:ssg-test_dev_shm_partition_nosuid_expected_in_fstab:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_dev_shm_partition_nosuid_expected_in_fstab:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/fstab^[\s]*(?!#)[\S]+[\s]+/dev/shm[\s]+[\S]+[\s]+([\S]+)1
Enable ExecShield via sysctlxccdf_org.ssgproject.content_rule_sysctl_kernel_exec_shield mediumCCE-83970-4

Enable ExecShield via sysctl

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_exec_shield
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_exec_shield:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83970-4

References:  12, 15, 8, APO13.01, DSS05.02, 3.1.7, CCI-002530, 164.308(a)(1)(ii)(D), 164.308(a)(3), 164.308(a)(4), 164.310(b), 164.310(c), 164.312(a), 164.312(e), SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.13.1.1, A.13.2.1, A.14.1.3, SC-39, CM-6(a), PR.PT-4, SRG-OS-000433-GPOS-00192, RHEL-09-213110, SV-257817r925438_rule

Description
By default on Red Hat Enterprise Linux 9 64-bit systems, ExecShield is enabled and can only be disabled if the hardware does not support ExecShield or is disabled in /etc/default/grub.
Rationale
ExecShield uses the segmentation feature on all x86 systems to prevent execution in memory higher than a certain address. It writes an address as a limit in the code segment descriptor, to control where code can be executed, on a per-process basis. When the kernel places a process's memory regions such as the stack and heap higher than this address, the hardware prevents execution in that address range. This is enabled by default on the latest Red Hat and Fedora systems if supported by the hardware.
OVAL test results details

64 bit architecture  oval:ssg-test_system_info_architecture_x86_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppc_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_ppcle_64:tst:1  not evaluated

No items have been found conforming to the following objects:
Object oval:ssg-object_system_info_architecture_ppcle_64:obj:1 of type uname_object

64 bit architecture  oval:ssg-test_system_info_architecture_aarch_64:tst:1  true

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

64 bit architecture  oval:ssg-test_system_info_architecture_s390_64:tst:1  false

Following items have been found on the system:
Machine classNode nameOs nameOs releaseOs versionProcessor type
aarch64rhel-db2.localLinux5.14.0-362.8.1.el9_3.aarch64#1 SMP PREEMPT_DYNAMIC Tue Oct 3 11:57:53 EDT 2023aarch64

NX is disabled  oval:ssg-test_nx_disabled_grub:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_nx_disabled_grub:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/boot/grub2/grub.cfg[\s]*noexec[\s]*=[\s]*off1
Restrict Exposed Kernel Pointer Addresses Accessxccdf_org.ssgproject.content_rule_sysctl_kernel_kptr_restrict mediumCCE-83972-0

Restrict Exposed Kernel Pointer Addresses Access

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_kptr_restrict
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_kptr_restrict:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83972-0

References:  BP28(R23), CCI-002824, CCI-000366, CIP-002-5 R1.1, CIP-002-5 R1.2, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 4.1, CIP-004-6 4.2, CIP-004-6 R2.2.3, CIP-004-6 R2.2.4, CIP-004-6 R2.3, CIP-004-6 R4, CIP-005-6 R1, CIP-005-6 R1.1, CIP-005-6 R1.2, CIP-007-3 R3, CIP-007-3 R3.1, CIP-007-3 R5.1, CIP-007-3 R5.1.2, CIP-007-3 R5.1.3, CIP-007-3 R5.2.1, CIP-007-3 R5.2.3, CIP-007-3 R8.4, CIP-009-6 R.1.1, CIP-009-6 R4, SC-30, SC-30(2), SC-30(5), CM-6(a), SRG-OS-000132-GPOS-00067, SRG-OS-000433-GPOS-00192, SRG-OS-000480-GPOS-00227, RHEL-09-213025, SV-257800r925387_rule

Description
To set the runtime status of the kernel.kptr_restrict kernel parameter, run the following command:
$ sudo sysctl -w kernel.kptr_restrict=1
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
kernel.kptr_restrict = 1
Rationale
Exposing kernel pointers (through procfs or seq_printf()) exposes kernel writeable structures which may contain functions pointers. If a write vulnerability occurs in the kernel, allowing write access to any of this structure, the kernel can be compromised. This option disallow any program without the CAP_SYSLOG capability to get the addresses of kernel pointers by replacing them with 0.
OVAL test results details

kernel.kptr_restrict static configuration  oval:ssg-test_sysctl_kernel_kptr_restrict_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_kptr_restrict:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_kptr_restrict:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_kptr_restrict:obj:1

kernel.kptr_restrict static configuration  oval:ssg-test_sysctl_kernel_kptr_restrict_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_kptr_restrict:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_kptr_restrict:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_kptr_restrict:obj:1

kernel.kptr_restrict static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_kernel_kptr_restrict_static_pkg_correct:tst:1  true

Following items have been found on the system:
PathContent
/usr/lib/sysctl.d/50-redhat.confkernel.kptr_restrict = 1

kernel runtime parameter kernel.kptr_restrict set to 1 or 2  oval:ssg-test_sysctl_kernel_kptr_restrict_runtime:tst:1  true

Following items have been found on the system:
NameValue
kernel.kptr_restrict1
Enable Randomized Layout of Virtual Address Spacexccdf_org.ssgproject.content_rule_sysctl_kernel_randomize_va_space mediumCCE-83971-2

Enable Randomized Layout of Virtual Address Space

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_randomize_va_space
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_randomize_va_space:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83971-2

References:  BP28(R23), 3.1.7, CCI-000366, CCI-002824, 164.308(a)(1)(ii)(D), 164.308(a)(3), 164.308(a)(4), 164.310(b), 164.310(c), 164.312(a), 164.312(e), CIP-002-5 R1.1, CIP-002-5 R1.2, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 4.1, CIP-004-6 4.2, CIP-004-6 R2.2.3, CIP-004-6 R2.2.4, CIP-004-6 R2.3, CIP-004-6 R4, CIP-005-6 R1, CIP-005-6 R1.1, CIP-005-6 R1.2, CIP-007-3 R3, CIP-007-3 R3.1, CIP-007-3 R5.1, CIP-007-3 R5.1.2, CIP-007-3 R5.1.3, CIP-007-3 R5.2.1, CIP-007-3 R5.2.3, CIP-007-3 R8.4, CIP-009-6 R.1.1, CIP-009-6 R4, SC-30, SC-30(2), CM-6(a), Req-2.2.1, 2.2.3, SRG-OS-000433-GPOS-00193, SRG-OS-000480-GPOS-00227, SRG-APP-000450-CTR-001105, RHEL-09-213070, 1.5.3, SV-257809r925414_rule

Description
To set the runtime status of the kernel.randomize_va_space kernel parameter, run the following command:
$ sudo sysctl -w kernel.randomize_va_space=2
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
kernel.randomize_va_space = 2
Rationale
Address space layout randomization (ASLR) makes it more difficult for an attacker to predict the location of attack code they have introduced into a process's address space during an attempt at exploitation. Additionally, ASLR makes it more difficult for an attacker to know the location of existing code in order to re-purpose it using return oriented programming (ROP) techniques.

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    # Comment out any occurrences of kernel.randomize_va_space from /etc/sysctl.d/*.conf files
    
    for f in /etc/sysctl.d/*.conf /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf; do
    
      matching_list=$(grep -P '^(?!#).*[\s]*kernel.randomize_va_space.*$' $f | uniq )
      if ! test -z "$matching_list"; then
        while IFS= read -r entry; do
          escaped_entry=$(sed -e 's|/|\\/|g' <<< "$entry")
          # comment out "kernel.randomize_va_space" matches to preserve user data
          sed -i "s/^${escaped_entry}$/# &/g" $f
        done <<< "$matching_list"
      fi
    done
    
    #
    # Set sysctl config file which to save the desired value
    #
    
    SYSCONFIG_FILE="/etc/sysctl.conf"
    
    
    #
    # Set runtime for kernel.randomize_va_space
    #
    /sbin/sysctl -q -n -w kernel.randomize_va_space="2"
    
    #
    # If kernel.randomize_va_space present in /etc/sysctl.conf, change value to "2"
    #	else, add "kernel.randomize_va_space = 2" to /etc/sysctl.conf
    #
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^kernel.randomize_va_space")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "2"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^kernel.randomize_va_space\\>" "${SYSCONFIG_FILE}"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^kernel.randomize_va_space\\>.*/$escaped_formatted_output/gi" "${SYSCONFIG_FILE}"
    else
        if [[ -s "${SYSCONFIG_FILE}" ]] && [[ -n "$(tail -c 1 -- "${SYSCONFIG_FILE}" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "${SYSCONFIG_FILE}"
        fi
        cce="CCE-83971-2"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "${SYSCONFIG_FILE}" >> "${SYSCONFIG_FILE}"
        printf '%s\n' "$formatted_output" >> "${SYSCONFIG_FILE}"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
- name: List /etc/sysctl.d/*.conf files
      find:
        paths:
        - /etc/sysctl.d/
        - /run/sysctl.d/
        - /usr/local/lib/sysctl.d/
        contains: ^[\s]*kernel.randomize_va_space.*$
        patterns: '*.conf'
        file_type: any
      register: find_sysctl_d
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83971-2
      - DISA-STIG-RHEL-09-213070
      - NIST-800-171-3.1.7
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SC-30
      - NIST-800-53-SC-30(2)
      - PCI-DSS-Req-2.2.1
      - PCI-DSSv4-2.2.3
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_randomize_va_space
    
    - name: Comment out any occurrences of kernel.randomize_va_space from config files
      replace:
        path: '{{ item.path }}'
        regexp: ^[\s]*kernel.randomize_va_space
        replace: '#kernel.randomize_va_space'
      loop: '{{ find_sysctl_d.files }}'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83971-2
      - DISA-STIG-RHEL-09-213070
      - NIST-800-171-3.1.7
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SC-30
      - NIST-800-53-SC-30(2)
      - PCI-DSS-Req-2.2.1
      - PCI-DSSv4-2.2.3
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_randomize_va_space
    
    - name: Ensure sysctl kernel.randomize_va_space is set to 2
      sysctl:
        name: kernel.randomize_va_space
        value: '2'
        sysctl_file: /etc/sysctl.conf
        state: present
        reload: true
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83971-2
      - DISA-STIG-RHEL-09-213070
      - NIST-800-171-3.1.7
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SC-30
      - NIST-800-53-SC-30(2)
      - PCI-DSS-Req-2.2.1
      - PCI-DSSv4-2.2.3
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_randomize_va_space
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,kernel.randomize_va_space%3D2%0A
            mode: 0644
            path: /etc/sysctl.d/75-sysctl_kernel_randomize_va_space.conf
            overwrite: true
    
OVAL test results details

kernel.randomize_va_space static configuration  oval:ssg-test_sysctl_kernel_randomize_va_space_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_randomize_va_space:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_randomize_va_space:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_randomize_va_space:obj:1

kernel.randomize_va_space static configuration  oval:ssg-test_sysctl_kernel_randomize_va_space_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_randomize_va_space:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_randomize_va_space:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_randomize_va_space:obj:1

kernel.randomize_va_space static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_kernel_randomize_va_space_static_pkg_correct:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_usr_lib_sysctld_sysctl_kernel_randomize_va_space:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/usr/lib/sysctl.d^.*\.conf$^[\s]*kernel.randomize_va_space[\s]*=[\s]*(.*)[\s]*$1

kernel runtime parameter kernel.randomize_va_space set to 2  oval:ssg-test_sysctl_kernel_randomize_va_space_runtime:tst:1  true

Following items have been found on the system:
NameValue
kernel.randomize_va_space2
Restrict Access to Kernel Message Bufferxccdf_org.ssgproject.content_rule_sysctl_kernel_dmesg_restrict lowCCE-83952-2

Restrict Access to Kernel Message Buffer

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_dmesg_restrict
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_dmesg_restrict:def:1
Time2024-02-25T14:40:04+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-83952-2

References:  BP28(R23), 3.1.5, CCI-001090, CCI-001314, 164.308(a)(1)(ii)(D), 164.308(a)(3), 164.308(a)(4), 164.310(b), 164.310(c), 164.312(a), 164.312(e), SI-11(a), SI-11(b), SRG-OS-000132-GPOS-00067, SRG-OS-000138-GPOS-00069, SRG-APP-000243-CTR-000600, RHEL-09-213010, SV-257797r925378_rule

Description
To set the runtime status of the kernel.dmesg_restrict kernel parameter, run the following command:
$ sudo sysctl -w kernel.dmesg_restrict=1
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
kernel.dmesg_restrict = 1
Rationale
Unprivileged access to the kernel syslog can expose sensitive kernel address information.

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    # Comment out any occurrences of kernel.dmesg_restrict from /etc/sysctl.d/*.conf files
    
    for f in /etc/sysctl.d/*.conf /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf; do
    
      matching_list=$(grep -P '^(?!#).*[\s]*kernel.dmesg_restrict.*$' $f | uniq )
      if ! test -z "$matching_list"; then
        while IFS= read -r entry; do
          escaped_entry=$(sed -e 's|/|\\/|g' <<< "$entry")
          # comment out "kernel.dmesg_restrict" matches to preserve user data
          sed -i "s/^${escaped_entry}$/# &/g" $f
        done <<< "$matching_list"
      fi
    done
    
    #
    # Set sysctl config file which to save the desired value
    #
    
    SYSCONFIG_FILE="/etc/sysctl.conf"
    
    
    #
    # Set runtime for kernel.dmesg_restrict
    #
    /sbin/sysctl -q -n -w kernel.dmesg_restrict="1"
    
    #
    # If kernel.dmesg_restrict present in /etc/sysctl.conf, change value to "1"
    #	else, add "kernel.dmesg_restrict = 1" to /etc/sysctl.conf
    #
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^kernel.dmesg_restrict")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "1"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^kernel.dmesg_restrict\\>" "${SYSCONFIG_FILE}"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^kernel.dmesg_restrict\\>.*/$escaped_formatted_output/gi" "${SYSCONFIG_FILE}"
    else
        if [[ -s "${SYSCONFIG_FILE}" ]] && [[ -n "$(tail -c 1 -- "${SYSCONFIG_FILE}" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "${SYSCONFIG_FILE}"
        fi
        cce="CCE-83952-2"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "${SYSCONFIG_FILE}" >> "${SYSCONFIG_FILE}"
        printf '%s\n' "$formatted_output" >> "${SYSCONFIG_FILE}"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
- name: List /etc/sysctl.d/*.conf files
      find:
        paths:
        - /etc/sysctl.d/
        - /run/sysctl.d/
        - /usr/local/lib/sysctl.d/
        contains: ^[\s]*kernel.dmesg_restrict.*$
        patterns: '*.conf'
        file_type: any
      register: find_sysctl_d
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83952-2
      - DISA-STIG-RHEL-09-213010
      - NIST-800-171-3.1.5
      - NIST-800-53-SI-11(a)
      - NIST-800-53-SI-11(b)
      - disable_strategy
      - low_complexity
      - low_severity
      - medium_disruption
      - reboot_required
      - sysctl_kernel_dmesg_restrict
    
    - name: Comment out any occurrences of kernel.dmesg_restrict from config files
      replace:
        path: '{{ item.path }}'
        regexp: ^[\s]*kernel.dmesg_restrict
        replace: '#kernel.dmesg_restrict'
      loop: '{{ find_sysctl_d.files }}'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83952-2
      - DISA-STIG-RHEL-09-213010
      - NIST-800-171-3.1.5
      - NIST-800-53-SI-11(a)
      - NIST-800-53-SI-11(b)
      - disable_strategy
      - low_complexity
      - low_severity
      - medium_disruption
      - reboot_required
      - sysctl_kernel_dmesg_restrict
    
    - name: Ensure sysctl kernel.dmesg_restrict is set to 1
      sysctl:
        name: kernel.dmesg_restrict
        value: '1'
        sysctl_file: /etc/sysctl.conf
        state: present
        reload: true
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83952-2
      - DISA-STIG-RHEL-09-213010
      - NIST-800-171-3.1.5
      - NIST-800-53-SI-11(a)
      - NIST-800-53-SI-11(b)
      - disable_strategy
      - low_complexity
      - low_severity
      - medium_disruption
      - reboot_required
      - sysctl_kernel_dmesg_restrict
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,kernel.dmesg_restrict%3D1%0A
            mode: 0644
            path: /etc/sysctl.d/75-sysctl_kernel_dmesg_restrict.conf
            overwrite: true
    
OVAL test results details

kernel.dmesg_restrict static configuration  oval:ssg-test_sysctl_kernel_dmesg_restrict_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_dmesg_restrict:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_dmesg_restrict:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_dmesg_restrict:obj:1

kernel.dmesg_restrict static configuration  oval:ssg-test_sysctl_kernel_dmesg_restrict_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_dmesg_restrict:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_dmesg_restrict:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_dmesg_restrict:obj:1

kernel.dmesg_restrict static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_kernel_dmesg_restrict_static_pkg_correct:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_usr_lib_sysctld_sysctl_kernel_dmesg_restrict:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/usr/lib/sysctl.d^.*\.conf$^[\s]*kernel.dmesg_restrict[\s]*=[\s]*(.*)[\s]*$1

kernel runtime parameter kernel.dmesg_restrict set to 1  oval:ssg-test_sysctl_kernel_dmesg_restrict_runtime:tst:1  false

Following items have been found on the system:
NameValue
kernel.dmesg_restrict0
Disable Kernel Image Loadingxccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled mediumCCE-83954-8

Disable Kernel Image Loading

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_kexec_load_disabled:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83954-8

References:  CCI-001749, CM-6, SRG-OS-000480-GPOS-00227, SRG-OS-000366-GPOS-00153, RHEL-09-213020, SV-257799r925384_rule

Description
To set the runtime status of the kernel.kexec_load_disabled kernel parameter, run the following command:
$ sudo sysctl -w kernel.kexec_load_disabled=1
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
kernel.kexec_load_disabled = 1
Rationale
Disabling kexec_load allows greater control of the kernel memory. It makes it impossible to load another kernel image after it has been disabled.

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    # Comment out any occurrences of kernel.kexec_load_disabled from /etc/sysctl.d/*.conf files
    
    for f in /etc/sysctl.d/*.conf /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf; do
    
      matching_list=$(grep -P '^(?!#).*[\s]*kernel.kexec_load_disabled.*$' $f | uniq )
      if ! test -z "$matching_list"; then
        while IFS= read -r entry; do
          escaped_entry=$(sed -e 's|/|\\/|g' <<< "$entry")
          # comment out "kernel.kexec_load_disabled" matches to preserve user data
          sed -i "s/^${escaped_entry}$/# &/g" $f
        done <<< "$matching_list"
      fi
    done
    
    #
    # Set sysctl config file which to save the desired value
    #
    
    SYSCONFIG_FILE="/etc/sysctl.conf"
    
    
    #
    # Set runtime for kernel.kexec_load_disabled
    #
    /sbin/sysctl -q -n -w kernel.kexec_load_disabled="1"
    
    #
    # If kernel.kexec_load_disabled present in /etc/sysctl.conf, change value to "1"
    #	else, add "kernel.kexec_load_disabled = 1" to /etc/sysctl.conf
    #
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^kernel.kexec_load_disabled")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "1"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^kernel.kexec_load_disabled\\>" "${SYSCONFIG_FILE}"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^kernel.kexec_load_disabled\\>.*/$escaped_formatted_output/gi" "${SYSCONFIG_FILE}"
    else
        if [[ -s "${SYSCONFIG_FILE}" ]] && [[ -n "$(tail -c 1 -- "${SYSCONFIG_FILE}" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "${SYSCONFIG_FILE}"
        fi
        cce="CCE-83954-8"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "${SYSCONFIG_FILE}" >> "${SYSCONFIG_FILE}"
        printf '%s\n' "$formatted_output" >> "${SYSCONFIG_FILE}"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
- name: List /etc/sysctl.d/*.conf files
      find:
        paths:
        - /etc/sysctl.d/
        - /run/sysctl.d/
        - /usr/local/lib/sysctl.d/
        contains: ^[\s]*kernel.kexec_load_disabled.*$
        patterns: '*.conf'
        file_type: any
      register: find_sysctl_d
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83954-8
      - DISA-STIG-RHEL-09-213020
      - NIST-800-53-CM-6
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_kexec_load_disabled
    
    - name: Comment out any occurrences of kernel.kexec_load_disabled from config files
      replace:
        path: '{{ item.path }}'
        regexp: ^[\s]*kernel.kexec_load_disabled
        replace: '#kernel.kexec_load_disabled'
      loop: '{{ find_sysctl_d.files }}'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83954-8
      - DISA-STIG-RHEL-09-213020
      - NIST-800-53-CM-6
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_kexec_load_disabled
    
    - name: Ensure sysctl kernel.kexec_load_disabled is set to 1
      sysctl:
        name: kernel.kexec_load_disabled
        value: '1'
        sysctl_file: /etc/sysctl.conf
        state: present
        reload: true
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83954-8
      - DISA-STIG-RHEL-09-213020
      - NIST-800-53-CM-6
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_kexec_load_disabled
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,kernel.kexec_load_disabled%3D1%0A
            mode: 0644
            path: /etc/sysctl.d/75-sysctl_kernel_kexec_load_disabled.conf
            overwrite: true
    
OVAL test results details

kernel.kexec_load_disabled static configuration  oval:ssg-test_sysctl_kernel_kexec_load_disabled_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_kexec_load_disabled:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_kexec_load_disabled:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_kexec_load_disabled:obj:1

kernel.kexec_load_disabled static configuration  oval:ssg-test_sysctl_kernel_kexec_load_disabled_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_kexec_load_disabled:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_kexec_load_disabled:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_kexec_load_disabled:obj:1

kernel.kexec_load_disabled static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_kernel_kexec_load_disabled_static_pkg_correct:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_usr_lib_sysctld_sysctl_kernel_kexec_load_disabled:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/usr/lib/sysctl.d^.*\.conf$^[\s]*kernel.kexec_load_disabled[\s]*=[\s]*(.*)[\s]*$1

kernel runtime parameter kernel.kexec_load_disabled set to 1  oval:ssg-test_sysctl_kernel_kexec_load_disabled_runtime:tst:1  false

Following items have been found on the system:
NameValue
kernel.kexec_load_disabled0
Disable Access to Network bpf() Syscall From Unprivileged Processesxccdf_org.ssgproject.content_rule_sysctl_kernel_unprivileged_bpf_disabled mediumCCE-83957-1

Disable Access to Network bpf() Syscall From Unprivileged Processes

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_unprivileged_bpf_disabled
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_unprivileged_bpf_disabled:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83957-1

References:  BP28(R9), CCI-000366, AC-6, SC-7(10), FMT_SMF_EXT.1, SRG-OS-000132-GPOS-00067, SRG-OS-000480-GPOS-00227, RHEL-09-213075, SV-257810r925417_rule

Description
To set the runtime status of the kernel.unprivileged_bpf_disabled kernel parameter, run the following command:
$ sudo sysctl -w kernel.unprivileged_bpf_disabled=1
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
kernel.unprivileged_bpf_disabled = 1
Rationale
Loading and accessing the packet filters programs and maps using the bpf() syscall has the potential of revealing sensitive information about the kernel state.

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    # Comment out any occurrences of kernel.unprivileged_bpf_disabled from /etc/sysctl.d/*.conf files
    
    for f in /etc/sysctl.d/*.conf /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf; do
    
      matching_list=$(grep -P '^(?!#).*[\s]*kernel.unprivileged_bpf_disabled.*$' $f | uniq )
      if ! test -z "$matching_list"; then
        while IFS= read -r entry; do
          escaped_entry=$(sed -e 's|/|\\/|g' <<< "$entry")
          # comment out "kernel.unprivileged_bpf_disabled" matches to preserve user data
          sed -i "s/^${escaped_entry}$/# &/g" $f
        done <<< "$matching_list"
      fi
    done
    
    #
    # Set sysctl config file which to save the desired value
    #
    
    SYSCONFIG_FILE="/etc/sysctl.conf"
    
    
    #
    # Set runtime for kernel.unprivileged_bpf_disabled
    #
    /sbin/sysctl -q -n -w kernel.unprivileged_bpf_disabled="1"
    
    #
    # If kernel.unprivileged_bpf_disabled present in /etc/sysctl.conf, change value to "1"
    #	else, add "kernel.unprivileged_bpf_disabled = 1" to /etc/sysctl.conf
    #
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^kernel.unprivileged_bpf_disabled")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "1"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^kernel.unprivileged_bpf_disabled\\>" "${SYSCONFIG_FILE}"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^kernel.unprivileged_bpf_disabled\\>.*/$escaped_formatted_output/gi" "${SYSCONFIG_FILE}"
    else
        if [[ -s "${SYSCONFIG_FILE}" ]] && [[ -n "$(tail -c 1 -- "${SYSCONFIG_FILE}" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "${SYSCONFIG_FILE}"
        fi
        cce="CCE-83957-1"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "${SYSCONFIG_FILE}" >> "${SYSCONFIG_FILE}"
        printf '%s\n' "$formatted_output" >> "${SYSCONFIG_FILE}"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
- name: List /etc/sysctl.d/*.conf files
      find:
        paths:
        - /etc/sysctl.d/
        - /run/sysctl.d/
        - /usr/local/lib/sysctl.d/
        contains: ^[\s]*kernel.unprivileged_bpf_disabled.*$
        patterns: '*.conf'
        file_type: any
      register: find_sysctl_d
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83957-1
      - DISA-STIG-RHEL-09-213075
      - NIST-800-53-AC-6
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_unprivileged_bpf_disabled
    
    - name: Comment out any occurrences of kernel.unprivileged_bpf_disabled from config
        files
      replace:
        path: '{{ item.path }}'
        regexp: ^[\s]*kernel.unprivileged_bpf_disabled
        replace: '#kernel.unprivileged_bpf_disabled'
      loop: '{{ find_sysctl_d.files }}'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83957-1
      - DISA-STIG-RHEL-09-213075
      - NIST-800-53-AC-6
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_unprivileged_bpf_disabled
    
    - name: Ensure sysctl kernel.unprivileged_bpf_disabled is set to 1
      sysctl:
        name: kernel.unprivileged_bpf_disabled
        value: '1'
        sysctl_file: /etc/sysctl.conf
        state: present
        reload: true
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83957-1
      - DISA-STIG-RHEL-09-213075
      - NIST-800-53-AC-6
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_unprivileged_bpf_disabled
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,kernel.unprivileged_bpf_disabled%3D1%0A
            mode: 0644
            path: /etc/sysctl.d/75-sysctl_kernel_unprivileged_bpf_disabled.conf
            overwrite: true
    
OVAL test results details

kernel.unprivileged_bpf_disabled static configuration  oval:ssg-test_sysctl_kernel_unprivileged_bpf_disabled_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_unprivileged_bpf_disabled:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_unprivileged_bpf_disabled:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_unprivileged_bpf_disabled:obj:1

kernel.unprivileged_bpf_disabled static configuration  oval:ssg-test_sysctl_kernel_unprivileged_bpf_disabled_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_unprivileged_bpf_disabled:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_unprivileged_bpf_disabled:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_unprivileged_bpf_disabled:obj:1

kernel.unprivileged_bpf_disabled static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_kernel_unprivileged_bpf_disabled_static_pkg_correct:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_usr_lib_sysctld_sysctl_kernel_unprivileged_bpf_disabled:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/usr/lib/sysctl.d^.*\.conf$^[\s]*kernel.unprivileged_bpf_disabled[\s]*=[\s]*(.*)[\s]*$1

kernel runtime parameter kernel.unprivileged_bpf_disabled set to 1  oval:ssg-test_sysctl_kernel_unprivileged_bpf_disabled_runtime:tst:1  false

Following items have been found on the system:
NameValue
kernel.unprivileged_bpf_disabled2
Restrict usage of ptrace to descendant processesxccdf_org.ssgproject.content_rule_sysctl_kernel_yama_ptrace_scope mediumCCE-83965-4

Restrict usage of ptrace to descendant processes

Rule IDxccdf_org.ssgproject.content_rule_sysctl_kernel_yama_ptrace_scope
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_kernel_yama_ptrace_scope:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83965-4

References:  BP28(R25), CCI-000366, SC-7(10), SRG-OS-000132-GPOS-00067, SRG-OS-000480-GPOS-00227, RHEL-09-213080, SV-257811r925420_rule

Description
To set the runtime status of the kernel.yama.ptrace_scope kernel parameter, run the following command:
$ sudo sysctl -w kernel.yama.ptrace_scope=1
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
kernel.yama.ptrace_scope = 1
Rationale
Unrestricted usage of ptrace allows compromised binaries to run ptrace on another processes of the user. Like this, the attacker can steal sensitive information from the target processes (e.g. SSH sessions, web browser, ...) without any additional assistance from the user (i.e. without resorting to phishing).

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    # Comment out any occurrences of kernel.yama.ptrace_scope from /etc/sysctl.d/*.conf files
    
    for f in /etc/sysctl.d/*.conf /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf; do
    
      matching_list=$(grep -P '^(?!#).*[\s]*kernel.yama.ptrace_scope.*$' $f | uniq )
      if ! test -z "$matching_list"; then
        while IFS= read -r entry; do
          escaped_entry=$(sed -e 's|/|\\/|g' <<< "$entry")
          # comment out "kernel.yama.ptrace_scope" matches to preserve user data
          sed -i "s/^${escaped_entry}$/# &/g" $f
        done <<< "$matching_list"
      fi
    done
    
    #
    # Set sysctl config file which to save the desired value
    #
    
    SYSCONFIG_FILE="/etc/sysctl.conf"
    
    
    #
    # Set runtime for kernel.yama.ptrace_scope
    #
    /sbin/sysctl -q -n -w kernel.yama.ptrace_scope="1"
    
    #
    # If kernel.yama.ptrace_scope present in /etc/sysctl.conf, change value to "1"
    #	else, add "kernel.yama.ptrace_scope = 1" to /etc/sysctl.conf
    #
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^kernel.yama.ptrace_scope")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "1"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^kernel.yama.ptrace_scope\\>" "${SYSCONFIG_FILE}"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^kernel.yama.ptrace_scope\\>.*/$escaped_formatted_output/gi" "${SYSCONFIG_FILE}"
    else
        if [[ -s "${SYSCONFIG_FILE}" ]] && [[ -n "$(tail -c 1 -- "${SYSCONFIG_FILE}" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "${SYSCONFIG_FILE}"
        fi
        cce="CCE-83965-4"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "${SYSCONFIG_FILE}" >> "${SYSCONFIG_FILE}"
        printf '%s\n' "$formatted_output" >> "${SYSCONFIG_FILE}"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
- name: List /etc/sysctl.d/*.conf files
      find:
        paths:
        - /etc/sysctl.d/
        - /run/sysctl.d/
        - /usr/local/lib/sysctl.d/
        contains: ^[\s]*kernel.yama.ptrace_scope.*$
        patterns: '*.conf'
        file_type: any
      register: find_sysctl_d
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83965-4
      - DISA-STIG-RHEL-09-213080
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_yama_ptrace_scope
    
    - name: Comment out any occurrences of kernel.yama.ptrace_scope from config files
      replace:
        path: '{{ item.path }}'
        regexp: ^[\s]*kernel.yama.ptrace_scope
        replace: '#kernel.yama.ptrace_scope'
      loop: '{{ find_sysctl_d.files }}'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83965-4
      - DISA-STIG-RHEL-09-213080
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_yama_ptrace_scope
    
    - name: Ensure sysctl kernel.yama.ptrace_scope is set to 1
      sysctl:
        name: kernel.yama.ptrace_scope
        value: '1'
        sysctl_file: /etc/sysctl.conf
        state: present
        reload: true
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83965-4
      - DISA-STIG-RHEL-09-213080
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_kernel_yama_ptrace_scope
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,kernel.yama.ptrace_scope%3D1%0A
            mode: 0644
            path: /etc/sysctl.d/75-sysctl_kernel_yama_ptrace_scope.conf
            overwrite: true
    
OVAL test results details

kernel.yama.ptrace_scope static configuration  oval:ssg-test_sysctl_kernel_yama_ptrace_scope_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_yama_ptrace_scope:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_yama_ptrace_scope:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_yama_ptrace_scope:obj:1

kernel.yama.ptrace_scope static configuration  oval:ssg-test_sysctl_kernel_yama_ptrace_scope_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_kernel_yama_ptrace_scope:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_kernel_yama_ptrace_scope:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_kernel_yama_ptrace_scope:obj:1

kernel.yama.ptrace_scope static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_kernel_yama_ptrace_scope_static_pkg_correct:tst:1  false

Following items have been found on the system:
PathContent
/usr/lib/sysctl.d/10-default-yama-scope.confkernel.yama.ptrace_scope = 0

kernel runtime parameter kernel.yama.ptrace_scope set to 1  oval:ssg-test_sysctl_kernel_yama_ptrace_scope_runtime:tst:1  false

Following items have been found on the system:
NameValue
kernel.yama.ptrace_scope0
Harden the operation of the BPF just-in-time compilerxccdf_org.ssgproject.content_rule_sysctl_net_core_bpf_jit_harden mediumCCE-83966-2

Harden the operation of the BPF just-in-time compiler

Rule IDxccdf_org.ssgproject.content_rule_sysctl_net_core_bpf_jit_harden
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sysctl_net_core_bpf_jit_harden:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-83966-2

References:  BP28(R12), CCI-000366, CM-6, SC-7(10), FMT_SMF_EXT.1, SRG-OS-000480-GPOS-00227, RHEL-09-251045, SV-257942r925813_rule

Description
To set the runtime status of the net.core.bpf_jit_harden kernel parameter, run the following command:
$ sudo sysctl -w net.core.bpf_jit_harden=2
To make sure that the setting is persistent, add the following line to a file in the directory /etc/sysctl.d:
net.core.bpf_jit_harden = 2
Rationale
When hardened, the extended Berkeley Packet Filter just-in-time compiler will randomize any kernel addresses in the BPF programs and maps, and will not expose the JIT addresses in /proc/kallsyms.

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    # Comment out any occurrences of net.core.bpf_jit_harden from /etc/sysctl.d/*.conf files
    
    for f in /etc/sysctl.d/*.conf /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf; do
    
      matching_list=$(grep -P '^(?!#).*[\s]*net.core.bpf_jit_harden.*$' $f | uniq )
      if ! test -z "$matching_list"; then
        while IFS= read -r entry; do
          escaped_entry=$(sed -e 's|/|\\/|g' <<< "$entry")
          # comment out "net.core.bpf_jit_harden" matches to preserve user data
          sed -i "s/^${escaped_entry}$/# &/g" $f
        done <<< "$matching_list"
      fi
    done
    
    #
    # Set sysctl config file which to save the desired value
    #
    
    SYSCONFIG_FILE="/etc/sysctl.conf"
    
    
    #
    # Set runtime for net.core.bpf_jit_harden
    #
    /sbin/sysctl -q -n -w net.core.bpf_jit_harden="2"
    
    #
    # If net.core.bpf_jit_harden present in /etc/sysctl.conf, change value to "2"
    #	else, add "net.core.bpf_jit_harden = 2" to /etc/sysctl.conf
    #
    
    # Strip any search characters in the key arg so that the key can be replaced without
    # adding any search characters to the config file.
    stripped_key=$(sed 's/[\^=\$,;+]*//g' <<< "^net.core.bpf_jit_harden")
    
    # shellcheck disable=SC2059
    printf -v formatted_output "%s = %s" "$stripped_key" "2"
    
    # If the key exists, change it. Otherwise, add it to the config_file.
    # We search for the key string followed by a word boundary (matched by \>),
    # so if we search for 'setting', 'setting2' won't match.
    if LC_ALL=C grep -q -m 1 -i -e "^net.core.bpf_jit_harden\\>" "${SYSCONFIG_FILE}"; then
        escaped_formatted_output=$(sed -e 's|/|\\/|g' <<< "$formatted_output")
        LC_ALL=C sed -i --follow-symlinks "s/^net.core.bpf_jit_harden\\>.*/$escaped_formatted_output/gi" "${SYSCONFIG_FILE}"
    else
        if [[ -s "${SYSCONFIG_FILE}" ]] && [[ -n "$(tail -c 1 -- "${SYSCONFIG_FILE}" || true)" ]]; then
            LC_ALL=C sed -i --follow-symlinks '$a'\\ "${SYSCONFIG_FILE}"
        fi
        cce="CCE-83966-2"
        printf '# Per %s: Set %s in %s\n' "${cce}" "${formatted_output}" "${SYSCONFIG_FILE}" >> "${SYSCONFIG_FILE}"
        printf '%s\n' "$formatted_output" >> "${SYSCONFIG_FILE}"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
- name: List /etc/sysctl.d/*.conf files
      find:
        paths:
        - /etc/sysctl.d/
        - /run/sysctl.d/
        - /usr/local/lib/sysctl.d/
        contains: ^[\s]*net.core.bpf_jit_harden.*$
        patterns: '*.conf'
        file_type: any
      register: find_sysctl_d
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83966-2
      - DISA-STIG-RHEL-09-251045
      - NIST-800-53-CM-6
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_net_core_bpf_jit_harden
    
    - name: Comment out any occurrences of net.core.bpf_jit_harden from config files
      replace:
        path: '{{ item.path }}'
        regexp: ^[\s]*net.core.bpf_jit_harden
        replace: '#net.core.bpf_jit_harden'
      loop: '{{ find_sysctl_d.files }}'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83966-2
      - DISA-STIG-RHEL-09-251045
      - NIST-800-53-CM-6
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_net_core_bpf_jit_harden
    
    - name: Ensure sysctl net.core.bpf_jit_harden is set to 2
      sysctl:
        name: net.core.bpf_jit_harden
        value: '2'
        sysctl_file: /etc/sysctl.conf
        state: present
        reload: true
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-83966-2
      - DISA-STIG-RHEL-09-251045
      - NIST-800-53-CM-6
      - NIST-800-53-SC-7(10)
      - disable_strategy
      - low_complexity
      - medium_disruption
      - medium_severity
      - reboot_required
      - sysctl_net_core_bpf_jit_harden
    

---
    apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        storage:
          files:
          - contents:
              source: data:,net.core.bpf_jit_harden%3D2%0A
            mode: 0644
            path: /etc/sysctl.d/75-sysctl_net_core_bpf_jit_harden.conf
            overwrite: true
    
OVAL test results details

net.core.bpf_jit_harden static configuration  oval:ssg-test_sysctl_net_core_bpf_jit_harden_static_user:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_net_core_bpf_jit_harden:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_net_core_bpf_jit_harden:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_net_core_bpf_jit_harden:obj:1

net.core.bpf_jit_harden static configuration  oval:ssg-test_sysctl_net_core_bpf_jit_harden_static_user_missing:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-object_static_user_sysctl_net_core_bpf_jit_harden:obj:1 of type textfilecontent54_object
Set
oval:ssg-object_static_etc_sysctls_sysctl_net_core_bpf_jit_harden:obj:1 oval:ssg-object_static_run_usr_local_sysctls_sysctl_net_core_bpf_jit_harden:obj:1

net.core.bpf_jit_harden static configuration in /usr/lib/sysctl.d/*.conf  oval:ssg-test_sysctl_net_core_bpf_jit_harden_static_pkg_correct:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-object_static_usr_lib_sysctld_sysctl_net_core_bpf_jit_harden:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/usr/lib/sysctl.d^.*\.conf$^[\s]*net.core.bpf_jit_harden[\s]*=[\s]*(.*)[\s]*$1

kernel runtime parameter net.core.bpf_jit_harden set to 2  oval:ssg-test_sysctl_net_core_bpf_jit_harden_runtime:tst:1  false

Following items have been found on the system:
NameValue
net.core.bpf_jit_harden1
Configure SELinux Policyxccdf_org.ssgproject.content_rule_selinux_policytype mediumCCE-84074-4

Configure SELinux Policy

Rule IDxccdf_org.ssgproject.content_rule_selinux_policytype
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-selinux_policytype:def:1
Time2024-02-25T14:40:04+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84074-4

References:  BP28(R66), A.6.SEC-RHEL1, 1, 11, 12, 13, 14, 15, 16, 18, 3, 4, 5, 6, 8, 9, APO01.06, APO11.04, APO13.01, BAI03.05, DSS01.05, DSS03.01, DSS05.02, DSS05.04, DSS05.05, DSS05.07, DSS06.02, DSS06.03, DSS06.06, MEA02.01, 3.1.2, 3.7.2, CCI-002165, CCI-002696, 164.308(a)(1)(ii)(D), 164.308(a)(3), 164.308(a)(4), 164.310(b), 164.310(c), 164.312(a), 164.312(e), 4.2.3.4, 4.3.3.2.2, 4.3.3.3.9, 4.3.3.4, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, 4.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.10, SR 2.11, SR 2.12, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.12.1.1, A.12.1.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.1.2, A.13.1.3, A.13.2.1, A.13.2.2, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.1, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.2, CIP-003-8 R5.3, CIP-004-6 R2.2.3, CIP-004-6 R2.3, CIP-004-6 R3.3, CIP-007-3 R5.1, CIP-007-3 R5.1.2, CIP-007-3 R5.2, CIP-007-3 R5.3.1, CIP-007-3 R5.3.2, CIP-007-3 R5.3.3, CIP-007-3 R6.5, AC-3, AC-3(3)(a), AU-9, SC-7(21), DE.AE-1, ID.AM-3, PR.AC-4, PR.AC-5, PR.AC-6, PR.DS-5, PR.PT-1, PR.PT-3, PR.PT-4, SRG-OS-000445-GPOS-00199, SRG-APP-000233-CTR-000585, RHEL-09-431015, 1.6.1.3, SV-258079r926224_rule

Description
The SELinux targeted policy is appropriate for general-purpose desktops and servers, as well as systems in many other roles. To configure the system to use this policy, add or correct the following line in /etc/selinux/config:
SELINUXTYPE=targeted
Other policies, such as mls, provide additional security labeling and greater confinement but are not compatible with many general-purpose use cases.
Rationale
Setting the SELinux policy to targeted or a more specialized policy ensures the system will confine processes that are likely to be targeted for exploitation, such as network or system services.

Note: During the development or debugging of SELinux modules, it is common to temporarily place non-production systems in permissive mode. In such temporary cases, SELinux policies should be developed, and once work is completed, the system should be reconfigured to targeted.
OVAL test results details

Tests the value of the ^[\s]*SELINUXTYPE[\s]*=[\s]*([^#]*) expression in the /etc/selinux/config file  oval:ssg-test_selinux_policy:tst:1  true

Following items have been found on the system:
PathContent
/etc/selinux/configSELINUXTYPE=targeted
Ensure SELinux State is Enforcingxccdf_org.ssgproject.content_rule_selinux_state highCCE-84079-3

Ensure SELinux State is Enforcing

Rule IDxccdf_org.ssgproject.content_rule_selinux_state
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-selinux_state:def:1
Time2024-02-25T14:40:04+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-84079-3

References:  BP28(R4), BP28(R66), A.6.SEC-RHEL1, 1, 11, 12, 13, 14, 15, 16, 18, 3, 4, 5, 6, 8, 9, APO01.06, APO11.04, APO13.01, BAI03.05, DSS01.05, DSS03.01, DSS05.02, DSS05.04, DSS05.05, DSS05.07, DSS06.02, DSS06.03, DSS06.06, MEA02.01, 3.1.2, 3.7.2, CCI-001084, CCI-002165, CCI-002696, 164.308(a)(1)(ii)(D), 164.308(a)(3), 164.308(a)(4), 164.310(b), 164.310(c), 164.312(a), 164.312(e), 4.2.3.4, 4.3.3.2.2, 4.3.3.3.9, 4.3.3.4, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.4.7, 4.4.2.1, 4.4.2.2, 4.4.2.4, 4.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.10, SR 2.11, SR 2.12, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 2.8, SR 2.9, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.12.1.1, A.12.1.2, A.12.4.1, A.12.4.2, A.12.4.3, A.12.4.4, A.12.7.1, A.13.1.1, A.13.1.2, A.13.1.3, A.13.2.1, A.13.2.2, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.1, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.2, CIP-003-8 R5.3, CIP-004-6 R2.2.3, CIP-004-6 R2.3, CIP-004-6 R3.3, CIP-007-3 R5.1, CIP-007-3 R5.1.2, CIP-007-3 R5.2, CIP-007-3 R5.3.1, CIP-007-3 R5.3.2, CIP-007-3 R5.3.3, CIP-007-3 R6.5, AC-3, AC-3(3)(a), AU-9, SC-7(21), DE.AE-1, ID.AM-3, PR.AC-4, PR.AC-5, PR.AC-6, PR.DS-5, PR.PT-1, PR.PT-3, PR.PT-4, SRG-OS-000445-GPOS-00199, SRG-OS-000134-GPOS-00068, RHEL-09-431010, 1.6.1.5, SV-258078r926221_rule

Description
The SELinux state should be set to enforcing at system boot time. In the file /etc/selinux/config, add or correct the following line to configure the system to boot into enforcing mode:
SELINUX=enforcing
Rationale
Setting the SELinux state to enforcing ensures SELinux is able to confine potentially compromised processes to the security policy, which is designed to prevent them from causing damage to the system or further elevating their privileges.
OVAL test results details

/selinux/enforce is 1  oval:ssg-test_etc_selinux_config:tst:1  true

Following items have been found on the system:
PathContent
/etc/selinux/configSELINUX=enforcing
Disable Avahi Server Softwarexccdf_org.ssgproject.content_rule_service_avahi-daemon_disabled mediumCCE-90824-4

Disable Avahi Server Software

Rule IDxccdf_org.ssgproject.content_rule_service_avahi-daemon_disabled
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-service_avahi-daemon_disabled:def:1
Time2024-02-25T14:40:05+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90824-4

References:  11, 14, 3, 9, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.02, DSS05.05, DSS06.06, CCI-000366, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.9.1.2, CM-7(a), CM-7(b), CM-6(a), PR.IP-1, PR.PT-3, 2.2.4

Description
The avahi-daemon service can be disabled with the following command:
$ sudo systemctl mask --now avahi-daemon.service
Rationale
Because the Avahi daemon service keeps an open network port, it is subject to network attacks. Its functionality is convenient but is only appropriate if the local network can be trusted.

Complexity:low
Disruption:low
Reboot:false
Strategy:disable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    SYSTEMCTL_EXEC='/usr/bin/systemctl'
    "$SYSTEMCTL_EXEC" stop 'avahi-daemon.service'
    "$SYSTEMCTL_EXEC" disable 'avahi-daemon.service'
    "$SYSTEMCTL_EXEC" mask 'avahi-daemon.service'
    # Disable socket activation if we have a unit file for it
    if "$SYSTEMCTL_EXEC" -q list-unit-files avahi-daemon.socket; then
        "$SYSTEMCTL_EXEC" stop 'avahi-daemon.socket'
        "$SYSTEMCTL_EXEC" mask 'avahi-daemon.socket'
    fi
    # The service may not be running because it has been started and failed,
    # so let's reset the state so OVAL checks pass.
    # Service should be 'inactive', not 'failed' after reboot though.
    "$SYSTEMCTL_EXEC" reset-failed 'avahi-daemon.service' || true
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:disable
- name: Block Disable service avahi-daemon
      block:
    
      - name: Disable service avahi-daemon
        block:
    
        - name: Disable service avahi-daemon
          systemd:
            name: avahi-daemon.service
            enabled: 'no'
            state: stopped
            masked: 'yes'
        rescue:
    
        - name: Intentionally ignored previous 'Disable service avahi-daemon' failure,
            service was already disabled
          meta: noop
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90824-4
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - PCI-DSSv4-2.2.4
      - disable_strategy
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - service_avahi-daemon_disabled
    
    - name: Unit Socket Exists - avahi-daemon.socket
      command: systemctl -q list-unit-files avahi-daemon.socket
      register: socket_file_exists
      changed_when: false
      failed_when: socket_file_exists.rc not in [0, 1]
      check_mode: false
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90824-4
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - PCI-DSSv4-2.2.4
      - disable_strategy
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - service_avahi-daemon_disabled
    
    - name: Disable socket avahi-daemon
      systemd:
        name: avahi-daemon.socket
        enabled: 'no'
        state: stopped
        masked: 'yes'
      when:
      - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      - socket_file_exists.stdout_lines is search("avahi-daemon.socket",multiline=True)
      tags:
      - CCE-90824-4
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - PCI-DSSv4-2.2.4
      - disable_strategy
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - service_avahi-daemon_disabled
    

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
include disable_avahi-daemon
    
    class disable_avahi-daemon {
      service {'avahi-daemon':
        enable => false,
        ensure => 'stopped',
      }
    }
    

Complexity:low
Disruption:medium
Reboot:true
Strategy:disable
apiVersion: machineconfiguration.openshift.io/v1
    kind: MachineConfig
    spec:
      config:
        ignition:
          version: 3.1.0
        systemd:
          units:
          - name: avahi-daemon.service
            enabled: false
            mask: true
          - name: avahi-daemon.socket
            enabled: false
            mask: true
    


    [customizations.services]
    disabled = ["avahi-daemon"]
    
OVAL test results details

package avahi is removed  oval:ssg-test_service_avahi-daemon_package_avahi_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
avahiaarch64(none)15.el90.80:0.8-15.el9199e2f91fd431d51avahi-0:0.8-15.el9.aarch64

Test that the avahi-daemon service is not running  oval:ssg-test_service_not_running_avahi-daemon:tst:1  false

Following items have been found on the system:
UnitPropertyValue
avahi-daemon.serviceActiveStateactive
avahi-daemon.socketActiveStateactive

Test that the property LoadState from the service avahi-daemon is masked  oval:ssg-test_service_loadstate_is_masked_avahi-daemon:tst:1  false

Following items have been found on the system:
UnitPropertyValue
avahi-daemon.serviceLoadStateloaded
avahi-daemon.socketLoadStateloaded
Install fapolicyd Packagexccdf_org.ssgproject.content_rule_package_fapolicyd_installed mediumCCE-84224-5

Install fapolicyd Package

Rule IDxccdf_org.ssgproject.content_rule_package_fapolicyd_installed
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-package_fapolicyd_installed:def:1
Time2024-02-25T14:40:05+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84224-5

References:  CCI-001764, CCI-001774, CM-6(a), SI-4(22), SRG-OS-000370-GPOS-00155, SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00230, RHEL-09-433010, SV-258089r926254_rule

Description
The fapolicyd package can be installed with the following command:
    $ sudo dnf install fapolicyd
Rationale
fapolicyd (File Access Policy Daemon) implements application whitelisting to decide file access rights.

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    if ! rpm -q --quiet "fapolicyd" ; then
        dnf install -y "fapolicyd"
    fi
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
- name: Ensure fapolicyd is installed
      package:
        name: fapolicyd
        state: present
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-84224-5
      - DISA-STIG-RHEL-09-433010
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-4(22)
      - enable_strategy
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - package_fapolicyd_installed
    

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
include install_fapolicyd
    
    class install_fapolicyd {
      package { 'fapolicyd':
        ensure => 'installed',
      }
    }
    

Complexity:low
Disruption:low
Reboot:false
Strategy:enable

    package --add=fapolicyd
    


    [[packages]]
    name = "fapolicyd"
    version = "*"
    
OVAL test results details

package fapolicyd is installed  oval:ssg-test_package_fapolicyd_installed:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_fapolicyd_installed:obj:1 of type rpminfo_object
Name
fapolicyd
Enable the File Access Policy Servicexccdf_org.ssgproject.content_rule_service_fapolicyd_enabled mediumCCE-84227-8

Enable the File Access Policy Service

Rule IDxccdf_org.ssgproject.content_rule_service_fapolicyd_enabled
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-service_fapolicyd_enabled:def:1
Time2024-02-25T14:40:06+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84227-8

References:  CCI-001764, CCI-001774, CM-6(a), SI-4(22), FMT_SMF_EXT.1, SRG-OS-000370-GPOS-00155, SRG-OS-000368-GPOS-00154, SRG-OS-000480-GPOS-00230, RHEL-09-433015, SV-258090r926257_rule

Description
The File Access Policy service should be enabled. The fapolicyd service can be enabled with the following command:
$ sudo systemctl enable fapolicyd.service
Rationale
The fapolicyd service (File Access Policy Daemon) implements application whitelisting to decide file access rights.

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    SYSTEMCTL_EXEC='/usr/bin/systemctl'
    "$SYSTEMCTL_EXEC" unmask 'fapolicyd.service'
    "$SYSTEMCTL_EXEC" start 'fapolicyd.service'
    "$SYSTEMCTL_EXEC" enable 'fapolicyd.service'
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
- name: Enable service fapolicyd
      block:
    
      - name: Gather the package facts
        package_facts:
          manager: auto
    
      - name: Enable service fapolicyd
        systemd:
          name: fapolicyd
          enabled: 'yes'
          state: started
          masked: 'no'
        when:
        - '"fapolicyd" in ansible_facts.packages'
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-84227-8
      - DISA-STIG-RHEL-09-433015
      - NIST-800-53-CM-6(a)
      - NIST-800-53-SI-4(22)
      - enable_strategy
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - service_fapolicyd_enabled
    

Complexity:low
Disruption:low
Reboot:false
Strategy:enable
include enable_fapolicyd
    
    class enable_fapolicyd {
      service {'fapolicyd':
        enable => true,
        ensure => 'running',
      }
    }
    


    [customizations.services]
    enabled = ["fapolicyd"]
    
OVAL test results details

package fapolicyd is installed  oval:ssg-test_service_fapolicyd_package_fapolicyd_installed:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_service_fapolicyd_package_fapolicyd_installed:obj:1 of type rpminfo_object
Name
fapolicyd

Test that the fapolicyd service is running  oval:ssg-test_service_running_fapolicyd:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_running_fapolicyd:obj:1 of type systemdunitproperty_object
UnitProperty
^fapolicyd\.(socket|service)$ActiveState

systemd test  oval:ssg-test_multi_user_wants_fapolicyd:tst:1  false

Following items have been found on the system:
UnitDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependency
multi-user.targetbasic.target-.mountsysinit.targetsystemd-machine-id-commit.servicelvm2-monitor.servicesystemd-update-done.serviceveritysetup.targetplymouth-read-write.servicesystemd-pcrphase.servicesystemd-sysctl.servicesystemd-update-utmp.servicenis-domainname.servicesystemd-hwdb-update.serviceproc-sys-fs-binfmt_misc.automountcryptsetup.targetsystemd-tmpfiles-setup-dev.servicesystemd-journald.servicesystemd-modules-load.serviceswap.targetdev-mapper-rhel\x2dswap.swapkmod-static-nodes.servicesys-fs-fuse-connections.mountsystemd-random-seed.serviceintegritysetup.targetsystemd-boot-update.servicesystemd-network-generator.serviceiscsi-onboot.servicesystemd-firstboot.servicemultipathd.servicesys-kernel-config.mountsystemd-journal-flush.servicedev-hugepages.mountsystemd-udev-trigger.serviceplymouth-start.servicesystemd-repart.servicesystemd-boot-system-token.servicesystemd-journal-catalog-update.servicelocal-fs.targetboot-efi.mounthome.mountboot.mountostree-remount.servicesystemd-remount-fs.servicedev-mqueue.mountsystemd-ask-password-console.pathsystemd-pcrphase-sysinit.servicesystemd-tmpfiles-setup.serviceselinux-autorelabel-mark.servicesys-kernel-tracing.mountsystemd-udevd.servicelvm2-lvmpolld.socketsys-kernel-debug.mountldconfig.servicesystemd-sysusers.servicesystemd-binfmt.servicedracut-shutdown.servicetimers.targetmlocate-updatedb.timerlogrotate.timersystemd-tmpfiles-clean.timerdnf-makecache.timerslices.targetsystem.slice-.slicelow-memory-monitor.servicepaths.targetsockets.targetdm-event.socketsystemd-journald-dev-log.socketcups.socketiscsid.socketsssd-kcm.socketiscsiuio.socketsystemd-udevd-kernel.socketdbus.socketsystemd-initctl.socketavahi-daemon.socketmultipathd.socketsystemd-coredump.socketsystemd-udevd-control.socketsystemd-journald.socketkdump.servicefirewalld.servicetuned.servicechronyd.serviceremote-fs.targetiscsi.serviceatd.servicelibstoragemgmt.servicevmtoolsd.servicesystemd-user-sessions.serviceauditd.servicesssd.servicesmartd.serviceNetworkManager.serviceModemManager.servicesshd.servicecups.pathrhsmcertd.serviceplymouth-quit.servicepostgresql.servicegetty.targetgetty@tty1.serviceserial-getty@ttyAMA0.servicemdmonitor.servicecrond.servicesystemd-update-utmp-runlevel.serviceirqbalance.servicesystemd-ask-password-wall.pathostree-readonly-sysroot-migration.serviceplymouth-quit-wait.servicersyslog.servicecups.serviceinsights-client-boot.serviceavahi-daemon.servicesystemd-logind.service

systemd test  oval:ssg-test_multi_user_wants_fapolicyd_socket:tst:1  false

Following items have been found on the system:
UnitDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependencyDependency
multi-user.targetbasic.target-.mountsysinit.targetsystemd-machine-id-commit.servicelvm2-monitor.servicesystemd-update-done.serviceveritysetup.targetplymouth-read-write.servicesystemd-pcrphase.servicesystemd-sysctl.servicesystemd-update-utmp.servicenis-domainname.servicesystemd-hwdb-update.serviceproc-sys-fs-binfmt_misc.automountcryptsetup.targetsystemd-tmpfiles-setup-dev.servicesystemd-journald.servicesystemd-modules-load.serviceswap.targetdev-mapper-rhel\x2dswap.swapkmod-static-nodes.servicesys-fs-fuse-connections.mountsystemd-random-seed.serviceintegritysetup.targetsystemd-boot-update.servicesystemd-network-generator.serviceiscsi-onboot.servicesystemd-firstboot.servicemultipathd.servicesys-kernel-config.mountsystemd-journal-flush.servicedev-hugepages.mountsystemd-udev-trigger.serviceplymouth-start.servicesystemd-repart.servicesystemd-boot-system-token.servicesystemd-journal-catalog-update.servicelocal-fs.targetboot-efi.mounthome.mountboot.mountostree-remount.servicesystemd-remount-fs.servicedev-mqueue.mountsystemd-ask-password-console.pathsystemd-pcrphase-sysinit.servicesystemd-tmpfiles-setup.serviceselinux-autorelabel-mark.servicesys-kernel-tracing.mountsystemd-udevd.servicelvm2-lvmpolld.socketsys-kernel-debug.mountldconfig.servicesystemd-sysusers.servicesystemd-binfmt.servicedracut-shutdown.servicetimers.targetmlocate-updatedb.timerlogrotate.timersystemd-tmpfiles-clean.timerdnf-makecache.timerslices.targetsystem.slice-.slicelow-memory-monitor.servicepaths.targetsockets.targetdm-event.socketsystemd-journald-dev-log.socketcups.socketiscsid.socketsssd-kcm.socketiscsiuio.socketsystemd-udevd-kernel.socketdbus.socketsystemd-initctl.socketavahi-daemon.socketmultipathd.socketsystemd-coredump.socketsystemd-udevd-control.socketsystemd-journald.socketkdump.servicefirewalld.servicetuned.servicechronyd.serviceremote-fs.targetiscsi.serviceatd.servicelibstoragemgmt.servicevmtoolsd.servicesystemd-user-sessions.serviceauditd.servicesssd.servicesmartd.serviceNetworkManager.serviceModemManager.servicesshd.servicecups.pathrhsmcertd.serviceplymouth-quit.servicepostgresql.servicegetty.targetgetty@tty1.serviceserial-getty@ttyAMA0.servicemdmonitor.servicecrond.servicesystemd-update-utmp-runlevel.serviceirqbalance.servicesystemd-ask-password-wall.pathostree-readonly-sysroot-migration.serviceplymouth-quit-wait.servicersyslog.servicecups.serviceinsights-client-boot.serviceavahi-daemon.servicesystemd-logind.service
Uninstall xinetd Packagexccdf_org.ssgproject.content_rule_package_xinetd_removed lowCCE-84155-1

Uninstall xinetd Package

Rule IDxccdf_org.ssgproject.content_rule_package_xinetd_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_xinetd_removed:def:1
Time2024-02-25T14:40:06+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-84155-1

References:  BP28(R1), 11, 12, 14, 15, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.04, DSS05.02, DSS05.03, DSS05.05, DSS06.06, CCI-000305, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.11.2.6, A.12.1.2, A.12.5.1, A.12.6.2, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.2.1, A.6.2.2, A.9.1.2, CM-7(a), CM-7(b), CM-6(a), PR.AC-3, PR.IP-1, PR.PT-3, PR.PT-4, 2.2.4

Description
The xinetd package can be removed with the following command:
    $ sudo dnf erase xinetd
Rationale
Removing the xinetd package decreases the risk of the xinetd service's accidental (or intentional) activation.
OVAL test results details

package xinetd is removed  oval:ssg-test_package_xinetd_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_xinetd_removed:obj:1 of type rpminfo_object
Name
xinetd
Disable xinetd Servicexccdf_org.ssgproject.content_rule_service_xinetd_disabled mediumCCE-84156-9

Disable xinetd Service

Rule IDxccdf_org.ssgproject.content_rule_service_xinetd_disabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-service_xinetd_disabled:def:1
Time2024-02-25T14:40:06+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84156-9

References:  11, 12, 14, 15, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.04, DSS05.02, DSS05.03, DSS05.05, DSS06.06, 3.4.7, CCI-000305, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.11.2.6, A.12.1.2, A.12.5.1, A.12.6.2, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.2.1, A.6.2.2, A.9.1.2, CM-7(a), CM-7(b), CM-6(a), PR.AC-3, PR.IP-1, PR.PT-3, PR.PT-4

Description
The xinetd service can be disabled with the following command:
$ sudo systemctl mask --now xinetd.service
Rationale
The xinetd service provides a dedicated listener service for some programs, which is no longer necessary for commonly-used network services. Disabling it ensures that these uncommon services are not running, and also prevents attacks against xinetd itself.
OVAL test results details

package xinetd is removed  oval:ssg-test_service_xinetd_package_xinetd_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_service_xinetd_package_xinetd_removed:obj:1 of type rpminfo_object
Name
xinetd

Test that the xinetd service is not running  oval:ssg-test_service_not_running_xinetd:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_not_running_xinetd:obj:1 of type systemdunitproperty_object
UnitProperty
^xinetd\.(service|socket)$ActiveState

Test that the property LoadState from the service xinetd is masked  oval:ssg-test_service_loadstate_is_masked_xinetd:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_loadstate_is_masked_xinetd:obj:1 of type systemdunitproperty_object
UnitProperty
^xinetd\.(service|socket)$LoadState
Remove NIS Clientxccdf_org.ssgproject.content_rule_package_ypbind_removed unknownCCE-84151-0

Remove NIS Client

Rule IDxccdf_org.ssgproject.content_rule_package_ypbind_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_ypbind_removed:def:1
Time2024-02-25T14:40:06+08:00
Severityunknown
Identifiers and References

Identifiers:  CCE-84151-0

References:  BP28(R1), 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 2.2.4

Description
The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files. The NIS client (ypbind) was used to bind a system to an NIS server and receive the distributed configuration files.
Rationale
The NIS service is inherently an insecure system that has been vulnerable to DOS attacks, buffer overflows and has poor authentication for querying NIS maps. NIS generally has been replaced by such protocols as Lightweight Directory Access Protocol (LDAP). It is recommended that the service be removed.
OVAL test results details

package ypbind is removed  oval:ssg-test_package_ypbind_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_ypbind_removed:obj:1 of type rpminfo_object
Name
ypbind
Uninstall rsh-server Packagexccdf_org.ssgproject.content_rule_package_rsh-server_removed highCCE-84143-7

Uninstall rsh-server Package

Rule IDxccdf_org.ssgproject.content_rule_package_rsh-server_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_rsh-server_removed:def:1
Time2024-02-25T14:40:06+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-84143-7

References:  BP28(R1), 11, 12, 14, 15, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.04, DSS05.02, DSS05.03, DSS05.05, DSS06.06, CCI-000381, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.11.2.6, A.12.1.2, A.12.5.1, A.12.6.2, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.2.1, A.6.2.2, A.9.1.2, CM-7(a), CM-7(b), CM-6(a), IA-5(1)(c), PR.AC-3, PR.IP-1, PR.PT-3, PR.PT-4, SRG-OS-000095-GPOS-00049, RHEL-09-215035, SV-257830r925477_rule

Description
The rsh-server package can be removed with the following command:
    $ sudo dnf erase rsh-server
Rationale
The rsh-server service provides unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session and has very weak authentication. If a privileged user were to login using this service, the privileged user password could be compromised. The rsh-server package provides several obsolete and insecure network services. Removing it decreases the risk of those services' accidental (or intentional) activation.
OVAL test results details

package rsh-server is removed  oval:ssg-test_package_rsh-server_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_rsh-server_removed:obj:1 of type rpminfo_object
Name
rsh-server
Uninstall rsh Packagexccdf_org.ssgproject.content_rule_package_rsh_removed unknownCCE-84142-9

Uninstall rsh Package

Rule IDxccdf_org.ssgproject.content_rule_package_rsh_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_rsh_removed:def:1
Time2024-02-25T14:40:06+08:00
Severityunknown
Identifiers and References

Identifiers:  CCE-84142-9

References:  BP28(R1), 3.1.13, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), A.8.2.3, A.13.1.1, A.13.2.1, A.13.2.3, A.14.1.2, A.14.1.3, 2.2.4

Description
The rsh package contains the client commands for the rsh services
Rationale
These legacy clients contain numerous security exposures and have been replaced with the more secure SSH package. Even if the server is removed, it is best to ensure the clients are also removed to prevent users from inadvertently attempting to use these commands and therefore exposing their credentials. Note that removing the rsh package removes the clients for rsh,rcp, and rlogin.
OVAL test results details

package rsh is removed  oval:ssg-test_package_rsh_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_rsh_removed:obj:1 of type rpminfo_object
Name
rsh
Uninstall talk-server Packagexccdf_org.ssgproject.content_rule_package_talk-server_removed mediumCCE-84158-5

Uninstall talk-server Package

Rule IDxccdf_org.ssgproject.content_rule_package_talk-server_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_talk-server_removed:def:1
Time2024-02-25T14:40:06+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84158-5

References:  BP28(R1), 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii)

Description
The talk-server package can be removed with the following command:
 $ sudo dnf erase talk-server
Rationale
The talk software presents a security risk as it uses unencrypted protocols for communications. Removing the talk-server package decreases the risk of the accidental (or intentional) activation of talk services.
OVAL test results details

package talk-server is removed  oval:ssg-test_package_talk-server_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_talk-server_removed:obj:1 of type rpminfo_object
Name
talk-server
Uninstall talk Packagexccdf_org.ssgproject.content_rule_package_talk_removed mediumCCE-84157-7

Uninstall talk Package

Rule IDxccdf_org.ssgproject.content_rule_package_talk_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_talk_removed:def:1
Time2024-02-25T14:40:06+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-84157-7

References:  BP28(R1), 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 2.2.4

Description
The talk package contains the client program for the Internet talk protocol, which allows the user to chat with other users on different systems. Talk is a communication program which copies lines from one terminal to the terminal of another user. The talk package can be removed with the following command:
    $ sudo dnf erase talk
Rationale
The talk software presents a security risk as it uses unencrypted protocols for communications. Removing the talk package decreases the risk of the accidental (or intentional) activation of talk client program.
OVAL test results details

package talk is removed  oval:ssg-test_package_talk_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_talk_removed:obj:1 of type rpminfo_object
Name
talk
Uninstall telnet-server Packagexccdf_org.ssgproject.content_rule_package_telnet-server_removed highCCE-84149-4

Uninstall telnet-server Package

Rule IDxccdf_org.ssgproject.content_rule_package_telnet-server_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_telnet-server_removed:def:1
Time2024-02-25T14:40:06+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-84149-4

References:  BP28(R1), A.8.SEC-RHEL4, 11, 12, 14, 15, 3, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.04, DSS05.02, DSS05.03, DSS05.05, DSS06.06, CCI-000381, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.11.2.6, A.12.1.2, A.12.5.1, A.12.6.2, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.2.1, A.6.2.2, A.9.1.2, CM-7(a), CM-7(b), CM-6(a), PR.AC-3, PR.IP-1, PR.PT-3, PR.PT-4, Req-2.2.2, 2.2.4, SRG-OS-000095-GPOS-00049, RHEL-09-215040, 2.2.13, SV-257831r925480_rule

Description
The telnet-server package can be removed with the following command:
    $ sudo dnf erase telnet-server
Rationale
It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities are often overlooked and therefore may remain unsecure. They increase the risk to the platform by providing additional attack vectors.
The telnet service provides an unencrypted remote access service which does not provide for the confidentiality and integrity of user passwords or the remote session. If a privileged user were to login using this service, the privileged user password could be compromised.
Removing the telnet-server package decreases the risk of the telnet service's accidental (or intentional) activation.
OVAL test results details

package telnet-server is removed  oval:ssg-test_package_telnet-server_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_telnet-server_removed:obj:1 of type rpminfo_object
Name
telnet-server
Remove telnet Clientsxccdf_org.ssgproject.content_rule_package_telnet_removed lowCCE-84146-0

Remove telnet Clients

Rule IDxccdf_org.ssgproject.content_rule_package_telnet_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_telnet_removed:def:1
Time2024-02-25T14:40:06+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-84146-0

References:  BP28(R1), 3.1.13, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), A.8.2.3, A.13.1.1, A.13.2.1, A.13.2.3, A.14.1.2, A.14.1.3, 2.2.4, 2.3.1

Description
The telnet client allows users to start connections to other systems via the telnet protocol.
Rationale
The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow an unauthorized user to steal credentials. The ssh package provides an encrypted session and stronger security and is included in Red Hat Enterprise Linux 9.
OVAL test results details

package telnet is removed  oval:ssg-test_package_telnet_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_telnet_removed:obj:1 of type rpminfo_object
Name
telnet
Disable telnet Servicexccdf_org.ssgproject.content_rule_service_telnet_disabled highCCE-84150-2

Disable telnet Service

Rule IDxccdf_org.ssgproject.content_rule_service_telnet_disabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-service_telnet_disabled:def:1
Time2024-02-25T14:40:07+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-84150-2

References:  1, 11, 12, 14, 15, 16, 3, 5, 8, 9, APO13.01, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS01.04, DSS05.02, DSS05.03, DSS05.04, DSS05.05, DSS05.07, DSS05.10, DSS06.03, DSS06.06, DSS06.10, 3.1.13, 3.4.7, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.2.2, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.11.2.6, A.12.1.2, A.12.5.1, A.12.6.2, A.13.1.1, A.13.2.1, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.18.1.4, A.6.2.1, A.6.2.2, A.7.1.1, A.9.1.2, A.9.2.1, A.9.2.2, A.9.2.3, A.9.2.4, A.9.2.6, A.9.3.1, A.9.4.2, A.9.4.3, CM-7(a), CM-7(b), CM-6(a), IA-5(1)(c), PR.AC-1, PR.AC-3, PR.AC-6, PR.AC-7, PR.IP-1, PR.PT-3, PR.PT-4

Description
Make sure that the activation of the telnet service on system boot is disabled. The telnet socket can be disabled with the following command:
$ sudo systemctl mask --now telnet.socket
Rationale
The telnet protocol uses unencrypted network communication, which means that data from the login session, including passwords and all other information transmitted during the session, can be stolen by eavesdroppers on the network. The telnet protocol is also subject to man-in-the-middle attacks.
Warnings
warning  If the system relies on xinetd to manage telnet sessions, ensure the telnet service is disabled by the following line: disable = yes. Note that the xinetd file for telnet is not created automatically, therefore it might have different names.
OVAL test results details

package telnet-server is removed  oval:ssg-test_service_telnet_package_telnet-server_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_service_telnet_package_telnet-server_removed:obj:1 of type rpminfo_object
Name
telnet-server

Test that the telnet service is not running  oval:ssg-test_service_not_running_telnet:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_not_running_telnet:obj:1 of type systemdunitproperty_object
UnitProperty
^telnet\.(service|socket)$ActiveState

Test that the property LoadState from the service telnet is masked  oval:ssg-test_service_loadstate_is_masked_telnet:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_loadstate_is_masked_telnet:obj:1 of type systemdunitproperty_object
UnitProperty
^telnet\.(service|socket)$LoadState
Uninstall squid Packagexccdf_org.ssgproject.content_rule_package_squid_removed unknownCCE-84238-5

Uninstall squid Package

Rule IDxccdf_org.ssgproject.content_rule_package_squid_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_squid_removed:def:1
Time2024-02-25T14:40:07+08:00
Severityunknown
Identifiers and References

Identifiers:  CCE-84238-5

References:  A.8.SEC-RHEL4, 2.2.11

Description
The squid package can be removed with the following command:
 $ sudo dnf erase squid
Rationale
If there is no need to make the proxy server software available, removing it provides a safeguard against its activation.
OVAL test results details

package squid is removed  oval:ssg-test_package_squid_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_squid_removed:obj:1 of type rpminfo_object
Name
squid
Disable Squidxccdf_org.ssgproject.content_rule_service_squid_disabled unknownCCE-84239-3

Disable Squid

Rule IDxccdf_org.ssgproject.content_rule_service_squid_disabled
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-service_squid_disabled:def:1
Time2024-02-25T14:40:07+08:00
Severityunknown
Identifiers and References

Identifiers:  CCE-84239-3

Description
The squid service can be disabled with the following command:
$ sudo systemctl mask --now squid.service
Rationale
Running proxy server software provides a network-based avenue of attack, and should be removed if not needed.
OVAL test results details

package squid is removed  oval:ssg-test_service_squid_package_squid_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_service_squid_package_squid_removed:obj:1 of type rpminfo_object
Name
squid

Test that the squid service is not running  oval:ssg-test_service_not_running_squid:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_not_running_squid:obj:1 of type systemdunitproperty_object
UnitProperty
^squid\.(service|socket)$ActiveState

Test that the property LoadState from the service squid is masked  oval:ssg-test_service_loadstate_is_masked_squid:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_service_loadstate_is_masked_squid:obj:1 of type systemdunitproperty_object
UnitProperty
^squid\.(service|socket)$LoadState
Uninstall quagga Packagexccdf_org.ssgproject.content_rule_package_quagga_removed lowCCE-84191-6

Uninstall quagga Package

Rule IDxccdf_org.ssgproject.content_rule_package_quagga_removed
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-package_quagga_removed:def:1
Time2024-02-25T14:40:07+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-84191-6

References:  12, 15, 8, APO13.01, DSS05.02, CCI-000366, SR 3.1, SR 3.5, SR 3.8, SR 4.1, SR 4.3, SR 5.1, SR 5.2, SR 5.3, SR 7.1, SR 7.6, A.13.1.1, A.13.2.1, A.14.1.3, CM-7(a), CM-7(b), CM-6(a), PR.PT-4, SRG-OS-000480-GPOS-00227, RHEL-09-215065, SV-257836r925495_rule

Description
The quagga package can be removed with the following command:
 $ sudo dnf erase quagga
Rationale
Routing software is typically used on routers to exchange network topology information with other routers. If routing software is used when not required, system network information may be unnecessarily transmitted across the network.
If there is no need to make the router software available, removing it provides a safeguard against its activation.
OVAL test results details

package quagga is removed  oval:ssg-test_package_quagga_removed:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_test_package_quagga_removed:obj:1 of type rpminfo_object
Name
quagga
Disable SSH Access via Empty Passwordsxccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords highCCE-90799-8

Disable SSH Access via Empty Passwords

Rule IDxccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_disable_empty_passwords:def:1
Time2024-02-25T14:40:07+08:00
Severityhigh
Identifiers and References

Identifiers:  CCE-90799-8

References:  NT007(R17), 11, 12, 13, 14, 15, 16, 18, 3, 5, 9, 5.5.6, APO01.06, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, DSS06.02, DSS06.03, DSS06.06, 3.1.1, 3.1.5, CCI-000366, CCI-000766, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.2.2, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 5.2, SR 7.6, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.12.1.2, A.12.5.1, A.12.6.2, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.3, A.14.2.4, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.1, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, AC-17(a), CM-7(a), CM-7(b), CM-6(a), PR.AC-4, PR.AC-6, PR.DS-5, PR.IP-1, PR.PT-3, FIA_UAU.1, Req-2.2.4, 2.2.6, SRG-OS-000106-GPOS-00053, SRG-OS-000480-GPOS-00229, SRG-OS-000480-GPOS-00227, RHEL-09-255040, 5.2.9, SV-257984r925939_rule

Description
Disallow SSH login with empty passwords. The default SSH configuration disables logins with empty passwords. The appropriate configuration is used if no value is set for PermitEmptyPasswords.
To explicitly disallow SSH login from accounts with empty passwords, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
PermitEmptyPasswords no
Any accounts with empty passwords should be disabled immediately, and PAM configuration should prevent users from being able to assign themselves empty passwords.
Rationale
Configuring this setting for the SSH daemon provides additional assurance that remote login via SSH will require a password, even in the event of misconfiguration elsewhere.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*PermitEmptyPasswords\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*PermitEmptyPasswords\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*PermitEmptyPasswords\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "PermitEmptyPasswords no" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "PermitEmptyPasswords no" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Disable SSH Access via Empty Passwords
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "PermitEmptyPasswords"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter PermitEmptyPasswords is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "PermitEmptyPasswords"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "PermitEmptyPasswords"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "PermitEmptyPasswords"| regex_escape }}\s+
          line: PermitEmptyPasswords no
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90799-8
      - CJIS-5.5.6
      - DISA-STIG-RHEL-09-255040
      - NIST-800-171-3.1.1
      - NIST-800-171-3.1.5
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - PCI-DSS-Req-2.2.4
      - PCI-DSSv4-2.2.6
      - high_severity
      - low_complexity
      - low_disruption
      - no_reboot_needed
      - restrict_strategy
      - sshd_disable_empty_passwords
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of PermitEmptyPasswords setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_disable_empty_passwords:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_empty_passwords:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)PermitEmptyPasswords(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of PermitEmptyPasswords setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_disable_empty_passwords_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_empty_passwords_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)PermitEmptyPasswords(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of PermitEmptyPasswords is present  oval:ssg-test_PermitEmptyPasswords_present_sshd_disable_empty_passwords:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_disable_empty_passwords:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_disable_empty_passwords:obj:1 oval:ssg-obj_sshd_disable_empty_passwords_config_dir:obj:1
Disable GSSAPI Authenticationxccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth mediumCCE-90808-7

Disable GSSAPI Authentication

Rule IDxccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_disable_gssapi_auth:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90808-7

References:  11, 3, 9, BAI10.01, BAI10.02, BAI10.03, BAI10.05, 3.1.12, CCI-000318, CCI-000368, CCI-001812, CCI-001813, CCI-001814, CCI-000366, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.4.3.2, 4.3.4.3.3, SR 7.6, 0418, 1055, 1402, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, CM-7(a), CM-7(b), CM-6(a), AC-17(a), PR.IP-1, FTP_ITC_EXT.1, FCS_SSH_EXT.1.2, SRG-OS-000364-GPOS-00151, SRG-OS-000480-GPOS-00227, RHEL-09-255135, SV-258003r925996_rule

Description
Unless needed, SSH should not permit extraneous or unnecessary authentication mechanisms like GSSAPI.
The default SSH configuration disallows authentications based on GSSAPI. The appropriate configuration is used if no value is set for GSSAPIAuthentication.
To explicitly disable GSSAPI authentication, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
GSSAPIAuthentication no
Rationale
GSSAPI authentication is used to provide additional authentication mechanisms to applications. Allowing GSSAPI authentication through SSH exposes the system's GSSAPI to remote hosts, increasing the attack surface of the system.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*GSSAPIAuthentication\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*GSSAPIAuthentication\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*GSSAPIAuthentication\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "GSSAPIAuthentication no" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "GSSAPIAuthentication no" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Disable GSSAPI Authentication
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "GSSAPIAuthentication"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter GSSAPIAuthentication is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "GSSAPIAuthentication"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "GSSAPIAuthentication"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "GSSAPIAuthentication"| regex_escape }}\s+
          line: GSSAPIAuthentication no
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90808-7
      - DISA-STIG-RHEL-09-255135
      - NIST-800-171-3.1.12
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_disable_gssapi_auth
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of GSSAPIAuthentication setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_disable_gssapi_auth:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_gssapi_auth:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)GSSAPIAuthentication(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of GSSAPIAuthentication setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_disable_gssapi_auth_config_dir:tst:1  false

Following items have been found on the system:
PathContent
/etc/ssh/sshd_config.d/50-redhat.confGSSAPIAuthentication yes

Verify that the value of GSSAPIAuthentication is present  oval:ssg-test_GSSAPIAuthentication_present_sshd_disable_gssapi_auth:tst:1  true

Following items have been found on the system:
PathContent
/etc/ssh/sshd_config.d/50-redhat.confGSSAPIAuthentication yes
Disable SSH Support for .rhosts Filesxccdf_org.ssgproject.content_rule_sshd_disable_rhosts mediumCCE-90797-2

Disable SSH Support for .rhosts Files

Rule IDxccdf_org.ssgproject.content_rule_sshd_disable_rhosts
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_disable_rhosts:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90797-2

References:  11, 12, 14, 15, 16, 18, 3, 5, 9, 5.5.6, BAI10.01, BAI10.02, BAI10.03, BAI10.05, DSS05.02, DSS05.04, DSS05.05, DSS05.07, DSS06.03, DSS06.06, 3.1.12, CCI-000366, 4.3.3.2.2, 4.3.3.5.1, 4.3.3.5.2, 4.3.3.5.3, 4.3.3.5.4, 4.3.3.5.5, 4.3.3.5.6, 4.3.3.5.7, 4.3.3.5.8, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, 4.3.3.7.1, 4.3.3.7.2, 4.3.3.7.3, 4.3.3.7.4, 4.3.4.3.2, 4.3.4.3.3, SR 1.1, SR 1.10, SR 1.11, SR 1.12, SR 1.13, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.6, SR 1.7, SR 1.8, SR 1.9, SR 2.1, SR 2.2, SR 2.3, SR 2.4, SR 2.5, SR 2.6, SR 2.7, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, A.6.1.2, A.7.1.1, A.9.1.2, A.9.2.1, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, AC-17(a), CM-7(a), CM-7(b), CM-6(a), PR.AC-4, PR.AC-6, PR.IP-1, PR.PT-3, FIA_UAU.1, 2.2.6, SRG-OS-000480-GPOS-00227, RHEL-09-255145, 5.2.11, SV-258005r926002_rule

Description
SSH can emulate the behavior of the obsolete rsh command in allowing users to enable insecure access to their accounts via .rhosts files.
The default SSH configuration disables support for .rhosts. The appropriate configuration is used if no value is set for IgnoreRhosts.
To explicitly disable support for .rhosts files, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
IgnoreRhosts yes
Rationale
SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*IgnoreRhosts\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*IgnoreRhosts\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*IgnoreRhosts\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "IgnoreRhosts yes" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "IgnoreRhosts yes" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Disable SSH Support for .rhosts Files
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "IgnoreRhosts"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter IgnoreRhosts is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "IgnoreRhosts"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "IgnoreRhosts"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "IgnoreRhosts"| regex_escape }}\s+
          line: IgnoreRhosts yes
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90797-2
      - CJIS-5.5.6
      - DISA-STIG-RHEL-09-255145
      - NIST-800-171-3.1.12
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - PCI-DSSv4-2.2.6
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_disable_rhosts
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of IgnoreRhosts setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_disable_rhosts:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_rhosts:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)IgnoreRhosts(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of IgnoreRhosts setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_disable_rhosts_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_rhosts_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)IgnoreRhosts(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of IgnoreRhosts is present  oval:ssg-test_IgnoreRhosts_present_sshd_disable_rhosts:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_disable_rhosts:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_disable_rhosts:obj:1 oval:ssg-obj_sshd_disable_rhosts_config_dir:obj:1
Disable SSH Support for User Known Hostsxccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts mediumCCE-90796-4

Disable SSH Support for User Known Hosts

Rule IDxccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_disable_user_known_hosts:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90796-4

References:  11, 3, 9, BAI10.01, BAI10.02, BAI10.03, BAI10.05, 3.1.12, CCI-000366, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.4.3.2, 4.3.4.3.3, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, AC-17(a), CM-7(a), CM-7(b), CM-6(a), PR.IP-1, FIA_UAU.1, SRG-OS-000480-GPOS-00227, RHEL-09-255150, SV-258006r926005_rule

Description
SSH can allow system users to connect to systems if a cache of the remote systems public keys is available. This should be disabled.

To ensure this behavior is disabled, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
IgnoreUserKnownHosts yes
Rationale
Configuring this setting for the SSH daemon provides additional assurance that remote login via SSH will require a password, even in the event of misconfiguration elsewhere.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf
    
    LC_ALL=C sed -i "/^\s*IgnoreUserKnownHosts\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*IgnoreUserKnownHosts\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*IgnoreUserKnownHosts\s\+/Id" "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
    else
        touch "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
    
    cp "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf" "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "IgnoreUserKnownHosts yes" >> "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf.bak" > "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
        printf '%s\n' "IgnoreUserKnownHosts yes" >> "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf.bak" >> "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Disable SSH Support for User Known Hosts
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "IgnoreUserKnownHosts"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter IgnoreUserKnownHosts is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "IgnoreUserKnownHosts"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "IgnoreUserKnownHosts"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf
          create: true
          regexp: (?i)^\s*{{ "IgnoreUserKnownHosts"| regex_escape }}\s+
          line: IgnoreUserKnownHosts yes
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90796-4
      - DISA-STIG-RHEL-09-255150
      - NIST-800-171-3.1.12
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_disable_user_known_hosts
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of IgnoreUserKnownHosts setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_disable_user_known_hosts:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_user_known_hosts:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)IgnoreUserKnownHosts(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of IgnoreUserKnownHosts setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_disable_user_known_hosts_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_disable_user_known_hosts_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)IgnoreUserKnownHosts(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of IgnoreUserKnownHosts is present  oval:ssg-test_IgnoreUserKnownHosts_present_sshd_disable_user_known_hosts:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_disable_user_known_hosts:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_disable_user_known_hosts:obj:1 oval:ssg-obj_sshd_disable_user_known_hosts_config_dir:obj:1
Do Not Allow SSH Environment Optionsxccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env mediumCCE-90803-8

Do Not Allow SSH Environment Options

Rule IDxccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_do_not_permit_user_env:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90803-8

References:  11, 3, 9, 5.5.6, BAI10.01, BAI10.02, BAI10.03, BAI10.05, 3.1.12, CCI-000366, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.4.3.2, 4.3.4.3.3, SR 7.6, A.12.1.2, A.12.5.1, A.12.6.2, A.14.2.2, A.14.2.3, A.14.2.4, AC-17(a), CM-7(a), CM-7(b), CM-6(a), PR.IP-1, Req-2.2.4, 2.2.6, SRG-OS-000480-GPOS-00229, RHEL-09-255085, 5.2.10, SV-257993r925966_rule

Description
Ensure that users are not able to override environment variables of the SSH daemon.
The default SSH configuration disables environment processing. The appropriate configuration is used if no value is set for PermitUserEnvironment.
To explicitly disable Environment options, add or correct the following /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
PermitUserEnvironment no
Rationale
SSH environment options potentially allow users to bypass access restriction in some configurations.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*PermitUserEnvironment\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*PermitUserEnvironment\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*PermitUserEnvironment\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "PermitUserEnvironment no" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "PermitUserEnvironment no" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Do Not Allow SSH Environment Options
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "PermitUserEnvironment"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter PermitUserEnvironment is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "PermitUserEnvironment"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "PermitUserEnvironment"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "PermitUserEnvironment"| regex_escape }}\s+
          line: PermitUserEnvironment no
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90803-8
      - CJIS-5.5.6
      - DISA-STIG-RHEL-09-255085
      - NIST-800-171-3.1.12
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - NIST-800-53-CM-7(a)
      - NIST-800-53-CM-7(b)
      - PCI-DSS-Req-2.2.4
      - PCI-DSSv4-2.2.6
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_do_not_permit_user_env
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of PermitUserEnvironment setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_do_not_permit_user_env:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_do_not_permit_user_env:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)PermitUserEnvironment(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of PermitUserEnvironment setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_do_not_permit_user_env_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_do_not_permit_user_env_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)PermitUserEnvironment(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of PermitUserEnvironment is present  oval:ssg-test_PermitUserEnvironment_present_sshd_do_not_permit_user_env:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_do_not_permit_user_env:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_do_not_permit_user_env:obj:1 oval:ssg-obj_sshd_do_not_permit_user_env_config_dir:obj:1
Enable Use of Strict Mode Checkingxccdf_org.ssgproject.content_rule_sshd_enable_strictmodes mediumCCE-90809-5

Enable Use of Strict Mode Checking

Rule IDxccdf_org.ssgproject.content_rule_sshd_enable_strictmodes
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_enable_strictmodes:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90809-5

References:  12, 13, 14, 15, 16, 18, 3, 5, APO01.06, DSS05.04, DSS05.07, DSS06.02, 3.1.12, CCI-000366, 164.308(a)(4)(i), 164.308(b)(1), 164.308(b)(3), 164.310(b), 164.312(e)(1), 164.312(e)(2)(ii), 4.3.3.7.3, SR 2.1, SR 5.2, A.10.1.1, A.11.1.4, A.11.1.5, A.11.2.1, A.13.1.1, A.13.1.3, A.13.2.1, A.13.2.3, A.13.2.4, A.14.1.2, A.14.1.3, A.6.1.2, A.7.1.1, A.7.1.2, A.7.3.1, A.8.2.2, A.8.2.3, A.9.1.1, A.9.1.2, A.9.2.3, A.9.4.1, A.9.4.4, A.9.4.5, CIP-003-8 R5.1.1, CIP-003-8 R5.3, CIP-004-6 R2.3, CIP-007-3 R2.1, CIP-007-3 R2.2, CIP-007-3 R2.3, CIP-007-3 R5.1, CIP-007-3 R5.1.1, CIP-007-3 R5.1.2, AC-6, AC-17(a), CM-6(a), PR.AC-4, PR.DS-5, SRG-OS-000480-GPOS-00227, RHEL-09-255160, SV-258008r926011_rule

Description
SSHs StrictModes option checks file and ownership permissions in the user's home directory .ssh folder before accepting login. If world- writable permissions are found, logon is rejected.
The default SSH configuration has StrictModes enabled. The appropriate configuration is used if no value is set for StrictModes.
To explicitly enable StrictModes in SSH, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
StrictModes yes
Rationale
If other users have access to modify user-specific SSH configuration files, they may be able to log into the system as another user.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*StrictModes\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*StrictModes\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*StrictModes\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "StrictModes yes" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "StrictModes yes" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Enable Use of Strict Mode Checking
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "StrictModes"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter StrictModes is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "StrictModes"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "StrictModes"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "StrictModes"| regex_escape }}\s+
          line: StrictModes yes
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90809-5
      - DISA-STIG-RHEL-09-255160
      - NIST-800-171-3.1.12
      - NIST-800-53-AC-17(a)
      - NIST-800-53-AC-6
      - NIST-800-53-CM-6(a)
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_enable_strictmodes
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of StrictModes setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_enable_strictmodes:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_enable_strictmodes:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)StrictModes(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of StrictModes setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_enable_strictmodes_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_enable_strictmodes_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)StrictModes(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of StrictModes is present  oval:ssg-test_StrictModes_present_sshd_enable_strictmodes:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_enable_strictmodes:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_enable_strictmodes:obj:1 oval:ssg-obj_sshd_enable_strictmodes_config_dir:obj:1
Enable SSH Print Last Logxccdf_org.ssgproject.content_rule_sshd_print_last_log mediumCCE-90804-6

Enable SSH Print Last Log

Rule IDxccdf_org.ssgproject.content_rule_sshd_print_last_log
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_print_last_log:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-90804-6

References:  1, 12, 15, 16, DSS05.04, DSS05.10, DSS06.10, CCI-000052, 4.3.3.6.1, 4.3.3.6.2, 4.3.3.6.3, 4.3.3.6.4, 4.3.3.6.5, 4.3.3.6.6, 4.3.3.6.7, 4.3.3.6.8, 4.3.3.6.9, SR 1.1, SR 1.10, SR 1.2, SR 1.5, SR 1.7, SR 1.8, SR 1.9, A.18.1.4, A.9.2.1, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, AC-9, AC-9(1), PR.AC-7, SRG-OS-000480-GPOS-00227, RHEL-09-255165, SV-258009r926014_rule

Description
Ensure that SSH will display the date and time of the last successful account logon.
The default SSH configuration enables print of the date and time of the last login. The appropriate configuration is used if no value is set for PrintLastLog.
To explicitly enable LastLog in SSH, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
PrintLastLog yes
Rationale
Providing users feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*PrintLastLog\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*PrintLastLog\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*PrintLastLog\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "PrintLastLog yes" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "PrintLastLog yes" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Enable SSH Print Last Log
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "PrintLastLog"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter PrintLastLog is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "PrintLastLog"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "PrintLastLog"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "PrintLastLog"| regex_escape }}\s+
          line: PrintLastLog yes
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90804-6
      - DISA-STIG-RHEL-09-255165
      - NIST-800-53-AC-9
      - NIST-800-53-AC-9(1)
      - low_complexity
      - low_disruption
      - medium_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_print_last_log
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of PrintLastLog setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_print_last_log:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_print_last_log:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)PrintLastLog(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of PrintLastLog setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_print_last_log_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_print_last_log_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)PrintLastLog(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of PrintLastLog is present  oval:ssg-test_PrintLastLog_present_sshd_print_last_log:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_print_last_log:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_print_last_log:obj:1 oval:ssg-obj_sshd_print_last_log_config_dir:obj:1
Set LogLevel to INFOxccdf_org.ssgproject.content_rule_sshd_set_loglevel_info lowCCE-90813-7

Set LogLevel to INFO

Rule IDxccdf_org.ssgproject.content_rule_sshd_set_loglevel_info
Result
fail
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_set_loglevel_info:def:1
Time2024-02-25T14:40:07+08:00
Severitylow
Identifiers and References

Identifiers:  CCE-90813-7

References:  AC-17(a), CM-6(a), 5.2.5

Description
The INFO parameter specifices that record login and logout activity will be logged.
The default SSH configuration sets the log level to INFO. The appropriate configuration is used if no value is set for LogLevel.
To explicitly specify the log level in SSH, add or correct the following line in /etc/ssh/sshd_config.d/00-complianceascode-hardening.conf:
LogLevel INFO
Rationale
SSH provides several logging levels with varying amounts of verbosity. DEBUG is specifically not recommended other than strictly for debugging SSH communications since it provides so much data that it is difficult to identify important security information. INFO level is the basic level that only records login activity of SSH users. In many situations, such as Incident Response, it is important to determine when a particular user was active on a system. The logout record can eliminate those users who disconnected, which helps narrow the field.

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
# Remediation is applicable only in certain platforms
    if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
    
    mkdir -p /etc/ssh/sshd_config.d
    touch /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
    
    LC_ALL=C sed -i "/^\s*LogLevel\s\+/Id" "/etc/ssh/sshd_config"
    LC_ALL=C sed -i "/^\s*LogLevel\s\+/Id" "/etc/ssh/sshd_config.d"/*.conf
    if [ -e "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" ] ; then
        
        LC_ALL=C sed -i "/^\s*LogLevel\s\+/Id" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        touch "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # make sure file has newline at the end
    sed -i -e '$a\' "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    
    cp "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    # Insert before the line matching the regex '^Match'.
    line_number="$(LC_ALL=C grep -n "^Match" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" | LC_ALL=C sed 's/:.*//g')"
    if [ -z "$line_number" ]; then
        # There was no match of '^Match', insert at
        # the end of the file.
        printf '%s\n' "LogLevel INFO" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    else
        head -n "$(( line_number - 1 ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" > "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        printf '%s\n' "LogLevel INFO" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
        tail -n "+$(( line_number ))" "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak" >> "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf"
    fi
    # Clean up after ourselves.
    rm "/etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf.bak"
    
    else
        >&2 echo 'Remediation is not applicable, nothing was done'
    fi
    

Complexity:low
Disruption:low
Reboot:false
Strategy:restrict
- name: Set LogLevel to INFO
      block:
    
      - name: Deduplicate values from /etc/ssh/sshd_config
        lineinfile:
          path: /etc/ssh/sshd_config
          create: false
          regexp: (?i)^\s*{{ "LogLevel"| regex_escape }}\s+
          state: absent
    
      - name: Check if /etc/ssh/sshd_config.d exists
        stat:
          path: /etc/ssh/sshd_config.d
        register: _etc_ssh_sshd_config_d_exists
    
      - name: Check if the parameter LogLevel is present in /etc/ssh/sshd_config.d
        find:
          paths: /etc/ssh/sshd_config.d
          recurse: 'yes'
          follow: 'no'
          contains: (?i)^\s*{{ "LogLevel"| regex_escape }}\s+
        register: _etc_ssh_sshd_config_d_has_parameter
        when: _etc_ssh_sshd_config_d_exists.stat.isdir is defined and _etc_ssh_sshd_config_d_exists.stat.isdir
    
      - name: Remove parameter from files in /etc/ssh/sshd_config.d
        lineinfile:
          path: '{{ item.path }}'
          create: false
          regexp: (?i)^\s*{{ "LogLevel"| regex_escape }}\s+
          state: absent
        with_items: '{{ _etc_ssh_sshd_config_d_has_parameter.files }}'
        when: _etc_ssh_sshd_config_d_has_parameter.matched
    
      - name: Insert correct line to /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
        lineinfile:
          path: /etc/ssh/sshd_config.d/01-complianceascode-reinforce-os-defaults.conf
          create: true
          regexp: (?i)^\s*{{ "LogLevel"| regex_escape }}\s+
          line: LogLevel INFO
          state: present
          insertbefore: ^[#\s]*Match
          validate: /usr/sbin/sshd -t -f %s
      when: ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
      tags:
      - CCE-90813-7
      - NIST-800-53-AC-17(a)
      - NIST-800-53-CM-6(a)
      - low_complexity
      - low_disruption
      - low_severity
      - no_reboot_needed
      - restrict_strategy
      - sshd_set_loglevel_info
    
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the value of LogLevel setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_set_loglevel_info:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_set_loglevel_info:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)LogLevel(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

tests the value of LogLevel setting in the /etc/ssh/sshd_config.d file  oval:ssg-test_sshd_set_loglevel_info_config_dir:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_set_loglevel_info_config_dir:obj:1 of type textfilecontent54_object
PathFilenamePatternInstance
/etc/ssh/sshd_config.d.*\.conf$^[ \t]*(?i)LogLevel(?-i)[ \t]+(.+?)[ \t]*(?:$|#)1

Verify that the value of LogLevel is present  oval:ssg-test_LogLevel_present_sshd_set_loglevel_info:tst:1  false

No items have been found conforming to the following objects:
Object oval:ssg-obj_collection_obj_sshd_set_loglevel_info:obj:1 of type textfilecontent54_object
Set
oval:ssg-obj_sshd_set_loglevel_info:obj:1 oval:ssg-obj_sshd_set_loglevel_info_config_dir:obj:1
Distribute the SSH Server configuration to multiple files in a config directory.xccdf_org.ssgproject.content_rule_sshd_use_directory_configuration mediumCCE-87681-3

Distribute the SSH Server configuration to multiple files in a config directory.

Rule IDxccdf_org.ssgproject.content_rule_sshd_use_directory_configuration
Result
pass
Multi-check ruleno
OVAL Definition IDoval:ssg-sshd_use_directory_configuration:def:1
Time2024-02-25T14:40:07+08:00
Severitymedium
Identifiers and References

Identifiers:  CCE-87681-3

Description
Make sure to have the Include /etc/ssh/sshd_config.d/*.conf line in the /etc/ssh/sshd_config file. Ideally, don't have any active configuration directives in that file, and distribute the service configuration to several files in the /etc/ssh/sshd_config.d directory.
Rationale
This form of distributed configuration is considered as a good practice, and as other sshd rules assume that directives in files in the /etc/ssh/sshd_config.d config directory are effective, there has to be a rule that ensures this. Aside from that, having multiple configuration files makes the SSH Server configuration changes easier to partition according to the reason that they were introduced, and therefore it should help to perform merges of hardening updates.
OVAL test results details

Verify if Profile set Value sshd_required as not required  oval:ssg-test_sshd_not_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is removed  oval:ssg-test_package_openssh-server_removed:tst:1  false

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

Verify if Profile set Value sshd_required as required  oval:ssg-test_sshd_required:tst:1  false

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

Verify if Value of sshd_required is the default  oval:ssg-test_sshd_requirement_unset:tst:1  true

Following items have been found on the system:
Var refValue
oval:ssg-sshd_required:var:10

package openssh-server is installed  oval:ssg-test_package_openssh-server_installed:tst:1  true

Following items have been found on the system:
NameArchEpochReleaseVersionEvrSignature keyidExtended name
openssh-serveraarch64(none)34.el98.7p10:8.7p1-34.el9199e2f91fd431d51openssh-server-0:8.7p1-34.el9.aarch64

tests the presence of 'Include /etc/ssh/sshd_config.d/*.conf' setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_includes_config_files:tst:1  true

Following items have been found on the system:
PathContent
/etc/ssh/sshd_configInclude /etc/ssh/sshd_config.d/*.conf

tests the absence of match setting in the /etc/ssh/sshd_config file  oval:ssg-test_sshd_use_directory_configuration_default_not_overriden:tst:1  true

No items have been found conforming to the following objects:
Object oval:ssg-obj_sshd_use_directory_configuration_default_not_overriden:obj:1 of type textfilecontent54_object
FilepathPatternInstance
/etc/ssh/sshd_config^[ \t]*(?i)match(?-i)\s+\S+1
Scroll back to the first rule
Red Hat and Red Hat Enterprise Linux are either registered trademarks or trademarks of Red Hat, Inc. in the United States and other countries. All other names are registered trademarks or trademarks of their respective companies.